20 Apps with Hidden Crypto-Stealing Malware from Google Play Store and Apple App Store

Apple and Google have removed 20 apps from their app stores after discovering they contained dangerous malware. Security company Kaspersky found the malware, called SparkCat, had been active since March 2024.

The malware was first found in a food delivery app used in the UAE and Indonesia. Researchers then discovered it in 19 other apps. These apps were downloaded more than 242,000 times from Google’s Play Store alone.

The malware used special code to scan users’ photo galleries, looking for cryptocurrency wallet recovery phrases in multiple languages. With these phrases, attackers could take control of victims’ crypto wallets and steal their funds. The malware could also steal personal information from screenshots, including messages and passwords.

Both Apple and Google removed the compromised apps after receiving the security report. Google confirmed the removals and banned the developers. The company said its Play Protect feature now guards Android users against known versions of this malware.

Kaspersky warned that while the apps are gone from official stores, the malware might still spread through unofficial app stores and websites.

Apple has not commented on the situation.

This incident highlights the importance of downloading apps only from official sources and being cautious about app permissions.