Apple has taken strong measures by removing 11 applications from its App Store following a notification from cybersecurity firm Kaspersky that highlighted these apps as being impacted by a new malware variant referred to as “SparkCat.” This harmful software was discovered embedded in applications like ComeCome, WeTink, and AnyGPT, and it had the ability to scan users’ photos to pull sensitive information using OCR (Optical Character Recognition) technology.
The malware was primarily designed to capture recovery phrases for cryptocurrency wallets with the intention of stealing Bitcoin and various other digital currencies. Moreover, it could also be leveraged to collect passwords and additional private information from images and screenshots stored on iPhones.
In response to this danger, Apple promptly acted to remove the flagged applications, while also revealing an extra 89 applications that harbored the same malicious code. These additional apps had either been previously denied or taken down from the App Store for breaching Apple’s fraud regulations. Additionally, Apple revoked developer accounts linked to this fraudulent activity as part of its security measures.
The applications in question required user agreement to access the Photo Library. Once users provided permission, the malware could examine images for keywords set by the attackers, and subsequently upload any relevant information to a remote server. Kaspersky observed that the campaign seemed to primarily target users within Europe and Asia.
Apple has stressed the enhanced security features introduced in iOS 14, allowing users to grant access to only selected images instead of their entire library. Furthermore, the App Privacy Report, which can be found in the Settings app, offers users insights regarding how often apps access sensitive data, such as photos, location information, microphone, and camera.
To reduce such risks, users are encouraged to refrain from granting unnecessary permissions to applications and to frequently check their device’s privacy settings.
Image Source: oasisamuel / Shutterstock
