Malware using machine learning technology, downloaded more than 240,000 times by Android users
Kaspersky's Threat Research Center has discovered a new data-stealing Trojan, dubbed SparkCat, that has been active on the App Store and Google Play since at least March 2024. This is the first documented case of malware based on optical character recognition (OCR) appearing on the App Store.
SparkCat uses machine learning to scan photo libraries and steal screenshots containing phrases related to cryptocurrency wallet keys. SparkCat can also find and extract other sensitive data in images, such as passwords. For example, the iOS food delivery app ComeCome was infected with malware, with an interface and functionality that is indistinguishable from the original Android version.
The malware hides not only in legitimate apps that are already infected, but also in lure apps - such as messaging apps, AI assistants, food delivery apps, cryptocurrency-related apps, etc. Some of the apps can be downloaded from official platforms on Google Play and the App Store. On Google Play alone, these apps have been downloaded more than 242,000 times.
SparkCat mainly targets users in the UAE and countries in Europe and Asia. Experts reached this conclusion from the operating regions of the infected applications and from technical analysis of the malware. SparkCat scans photo libraries for keywords in many languages, including Chinese, Japanese, Korean, English, Czech, French, Italian, Polish and Portuguese.
Once installed on the device, the malware requests access to the user's photo library so that it can view all the images. It then uses an optical character recognition (OCR) module to analyze the text and characters in each image. If the stealer detects relevant keywords, SparkCat sends the image to the attacker.
"The main goal of the hacker is to find the crypto wallet's recovery phrase. With this information, the bad guys can take full control of the victim's wallet and steal money. In addition to stealing recovery phrases, the malware is also capable of extracting other personal information from screenshots, such as messages and passwords," Kaspersky warned.
"This is the first time we have seen a trojan using optical character recognition (OCR) technology infiltrating the App Store system," said Sergey Puzan, a malware analyst at Kaspersky. "At the moment, it is unclear how the infected apps passed the App Store and Google Play checks to reach end users, or whether there are other ways to prove that these apps are trustworthy."
According to Kaspersky, SparkCat has several notable features that make its spread even more dangerous. First of all, the SparkCat malware hides in official apps from app stores and operates without leaving any obvious signs of suspicion. The trojan's stealth makes it difficult for both app reviewers and mobile users to detect.
In addition, the permissions that the trojan requests, such as access to the photo library, appear quite reasonable and are easy for users to overlook, because users assume the application needs this permission to operate more conveniently, for example when contacting customer support.
When analyzing the Android versions of the malware, Kaspersky experts found that the comments in the malware's code were written in Chinese. Additionally, the iOS version contained the developer's original folder names "qiongwu" and "quiwengjing", suggesting that the bad guys behind the campaign were fluent in Chinese. However, there is currently not enough evidence to attribute the campaign to a known cybercriminal group.
Kaspersky has reported the above malicious applications to Google and Apple.
To avoid falling victim to this malware, Kaspersky recommends:
- If you have installed one of the infected apps, remove it from your device immediately and do not use it again until a new update is available to fix the problem.
- Avoid storing screenshots containing sensitive information in your photo library, including cryptocurrency wallet keys. Passwords should be stored in dedicated security applications.
- Use reliable security software like Kaspersky Premium to prevent the risk of malware infection.
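To act on the advice about screenshots, a user can audit text that an OCR tool has already extracted from their own photo library and flag the images worth deleting. The sketch below is an added example, not Kaspersky's code and not taken from the malware. The label keywords, the 12-word run heuristic (BIP-39 style phrases of 3 to 8 letter words) and the sample OCR text are all assumptions constructed for illustration.

```python
import re

# Assumption: recovery phrases follow the BIP-39 style (12 or more words,
# each 3-8 lowercase letters). The article does not name a standard.
MIN_PHRASE_WORDS = 12
WORD = re.compile(r"^[a-z]{3,8}$")
NUMBERING = re.compile(r"\d{1,2}[.):]?")  # "1.", "12)" on wallet backup screens
# Hypothetical labels; the article does not publish the keyword list.
LABELS = ("recovery phrase", "seed phrase", "mnemonic", "private key", "password")


def tokens(text):
    """Split OCR text into lowercase tokens, dropping list numbering."""
    return [t.strip(",;").lower() for t in text.split()
            if not NUMBERING.fullmatch(t)]


def longest_word_run(text):
    """Length of the longest run of consecutive mnemonic-shaped words."""
    best = run = 0
    for tok in tokens(text):
        run = run + 1 if WORD.match(tok) else 0  # punctuation or short words reset
        best = max(best, run)
    return best


def classify(text):
    """Return the reasons this OCR text looks sensitive (empty list if none)."""
    lowered = text.lower()
    reasons = [f"label:{k}" for k in LABELS if k in lowered]
    if longest_word_run(text) >= MIN_PHRASE_WORDS:
        reasons.append("mnemonic-like word run")
    return reasons


def audit(ocr_results):
    """Map file name -> reasons for every image that should be reviewed."""
    flagged = {}
    for name, text in ocr_results.items():
        reasons = classify(text)
        if reasons:
            flagged[name] = reasons
    return flagged


# Constructed OCR output (not real wallet data, not a real recovery phrase).
SAMPLE_OCR = {
    "IMG_0001.png": "Back up your wallet. Never share your recovery phrase with anyone.",
    "IMG_0002.png": "Lunch order #4471: 2 noodles, 1 tea. Total 18.50",
    "IMG_0003.png": "1. apple 2. river 3. stone 4. cloud 5. tiger 6. lemon\n"
                    "7. chair 8. music 9. ocean 10. bread 11. plant 12. house",
}

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_OCR).items():
        print(name, reasons)
```

The word-run check is a heuristic: long stretches of unpunctuated ordinary text can trigger it, so flagged images still need a manual look before deletion.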