Despite Apple’s rigorous app review system, it looks like some stealer apps have successfully slipped through the cracks and made their way into the App Store and onto iPhones. This is according to a report from Kaspersky who discovered a malware campaign called SparkCat.
SparkCat Malware
The SparkCat malware actively scans a user’s image gallery for recovery phrases. For those unfamiliar, recovery phrases serve as passcodes used to access cryptocurrency wallets. By extracting this data from images, the attacker can then gain full access to their victims’ crypto funds and drain their accounts in the process. Depending on how much crypto you own, you could be easily out of thousands of dollars in minutes!
According to Kaspersky, how the malware works is it uses an OCR plug-in built with Google’s ML Kit library. This allows it to scan text from images. This means that it has the potential to read other types of sensitive information stored in screenshots.
This includes passwords, private messages, and financial details. If, for whatever reason, you decide to take screenshots of your passwords, banking information, or private messages, all of that information could be ripe for the picking if your phone is infected by this malware.
It’s unclear whether the developers created these apps to hide the malware or if the apps somehow became infected due to a supply chain attack.
Debunking the Apple Myth
For years, some have perpetuated the myth that Apple’s devices are impervious to any malware attack. To be fair, Apple has a pretty strict review process when it comes to apps. The company has famously rejected apps over the tiniest details.
However, this SparkCats malware campaign has debunked that myth. It would make sense if the malware attacked users through phishing campaigns, SMS, or emails. The fact that the malware made it past Apple’s review process and into the App Store is rather alarming. In fact, some of these infected apps are still available on Google Play and the App Store. This means thousands of users are still at risk.
In a way, it’s ironic. Remember how Apple made a big fuss in a bid to prevent users from sideloading apps and installing third-party app stores? According to Apple, the company claimed that this was due to security and privacy reasons. However, the fact that these iPhone stealer apps somehow escaped Apple’s notice is borderline hilarious.
