Skip to content
logo The magazine for digital lifestyle and entertainment
A brand of Bild
Several Apps Affected

Nasty Malware Can Read Screenshots on Smartphones

Experts are currently warning of a nasty malware on smartphones
Experts are currently warning of a nasty malware on smartphones Photo: Getty Images

February 11, 2025, 9:40 pm | Read time: 2 minutes

Smartphone users currently have to watch out for the “SparkCat” malware. TECHBOOK explains which apps it is hiding in.

Share article

Malicious software is unfortunately lurking everywhere on the Internet. And if you don’t take appropriate security precautions, you risk getting it on your own hardware. Smartphone users should currently make sure that their devices are not infected with “SparkCat.” The malware targets specific content and hides in various applications.

“SparkCat” in the Google Play Store and Apple App Store

The security experts at Kaspersky have pointed out the danger in a new blog post. According to them, “SparkCat” has the ability to recognize and read characters in images. The focus is on information about various crypto wallets.

For example, anyone who has saved phrases or codes to restore access to their own crypto wallets as an image for the sake of simplicity is potentially acting with gross negligence. “SparkCat” is designed to scan photos and screenshots for such information and then extract it. According to the report, infected applications could be found in both the Google Play Store and the Apple App Store. But they have also been seen in unofficial stores.

Google and Apple Have Already Responded

Google and Apple are said to have removed the affected apps in the meantime. Nevertheless, they can still be used on numerous smartphones. After all, “SparkCat” is said to have been active since March 2024. In the Play Store alone, the corresponding apps have been downloaded more than 242,000 times.

These include apps for food deliveries in the United Arab Emirates and an Indonesian program called “ComeCome.” The AI chat apps “AnyGPT” and “WeTink” are also affected. However, these are relatively unknown.

The latter, in particular, may have become more widespread internationally as they appeal to a broader audience. It should also be borne in mind that Apple and Google have already reacted. However, it is unknown how and whether operators of alternative app stores will react.

More on the topic

What Those Affected Should Do

It is also unclear how “SparkCat” infiltrates the apps in the first place. It is conceivable that they are specially designed to attract the unsuspecting. This would make them criminal apps. Or it could be a supply chain attack in which programs for app development are infected.

Kaspersky advises deleting the apps and, if at all, only reinstalling them after an official development fix. Furthermore, you should refrain from taking screenshots with sensitive information and use special password managers. An antivirus program should also always be installed.

This article is a machine translation of the original German version of TECHBOOK and has been reviewed for accuracy and quality by a native speaker. For feedback, please contact us at info@techbook.de.

Topics App Store News Play Store Security
Your data privacy when using the share function
To share this article or other content via social networks, we need your consent for this .
You have successfully withdrawn your consent to the processing of personal data through tracking and advertising when using this website. You can now consent to data processing again or object to legitimate interests.