Kaspersky reveals new malware campaign targeting smartphones
- Kaspersky discovered malware that invades both Apple and Android app stores, gaining unauthorized access to users' photos.
- The SparkKitty malware was active since at least February 2024, impacting countless smartphone users.
- Users are advised to delete the harmful apps immediately to protect their personal data.
In February 2024, a malicious campaign began targeting iPhone and Android users through reputable app stores. Researchers at Kaspersky discovered the SparkKitty malware, designed to uncontrolledly steal images from users' galleries without consent. This spyware was introduced into the official app stores, resulting in significant concerns regarding user data privacy and the security of popular smartphone applications. The apps, identified as 5eCoin on iPhone and SOEX on Android, were subsequently removed. Following this discovery, Google confirmed that the developer of the SOEX app has faced repercussions, including a ban, and reassured users that Google Play Protect would shield Android users from potential threats. More troubling is the fact that SparkKitty may have roots in previous malware, known as SparkCat, which specifically targeted images related to cryptocurrency wallets. This history underscores the evolving landscape of cybersecurity threats faced by everyday smartphone users, prompting security experts to highlight the need for ongoing vigilance and preemptive security measures. The report by Kaspersky serves as a stark reminder of the vulnerabilities associated with modern mobile technology and the urgent necessity for both consumers and developers to prioritize security.