By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Pew PatriotsPew PatriotsPew Patriots
Notification Show More
Font ResizerAa
  • Home
  • News
  • Tactical
  • Guns and Gear
  • Prepping & Survival
  • Videos
Reading: SparkKitty mobile malware targets Android and iPhone
Share
Font ResizerAa
Pew PatriotsPew Patriots
  • News
  • Tactical
  • Guns and Gear
  • Prepping & Survival
  • Videos
Search
  • Home
  • News
  • Tactical
  • Guns and Gear
  • Prepping & Survival
  • Videos
Have an existing account? Sign In
Follow US
SparkKitty mobile malware targets Android and iPhone
News

SparkKitty mobile malware targets Android and iPhone

Jimmie Dempsey
Last updated: July 1, 2025 2:36 pm
Jimmie Dempsey Published July 1, 2025
Share
SHARE

NEWYou can now listen to Fox News articles!

Bad actors constantly seek every bit of personal information they can get, from your phone number to your government ID. Now, a new threat targets both Android and iPhone users: SparkKitty, a powerful mobile malware strain that scans private photos to steal cryptocurrency recovery phrases and other sensitive data.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER.

What is SparkKitty mobile malware

Researchers at cybersecurity firm Kaspersky recently identified SparkKitty. This malware appears to succeed SparkCat, a campaign first reported earlier this year that used optical character recognition (OCR) to extract sensitive data from images, including crypto recovery phrases.

SparkKitty goes even further than SparkCat. According to Kaspersky, SparkKitty uploads images from infected phones without discrimination. This tactic exposes not just wallet data but also any personal or sensitive photos stored on the device. While the main target seems to be crypto seed phrases, criminals could use other images for extortion or malicious purposes.

Kaspersky researchers report that SparkKitty has operated since at least February 2024. Attackers distributed it through both official and unofficial channels, including Google Play and the Apple App Store.

SparkKitty uploads images from infected phones without discrimination.

How SparkKitty malware infects Android and iPhone devices

Kaspersky found SparkKitty embedded in several apps, including one called 币coin on iOS and another called SOEX on Android. Both apps are no longer available in their respective stores. SOEX, a messaging app with cryptocurrency-related features, reached more than 10,000 downloads from the Google Play Store before its removal.

On iOS, attackers deliver the malware through fake software frameworks or enterprise provisioning profiles, often disguised as legitimate components. Once installed, SparkKitty uses a method native to Apple’s Objective-C programming language to run as soon as the app launches. It checks the app’s internal configuration files to decide whether to execute, then quietly starts monitoring the user’s photo library.

On Android, SparkKitty hides in apps written in Java or Kotlin and sometimes uses malicious Xposed or LSPosed modules. It activates when the app launches or after a specific screen opens. The malware then decrypts a configuration file from a remote server and begins uploading images, device metadata, and identifiers.

On iOS, attackers deliver the malware through fake software frameworks or enterprise provisioning profiles.

Why SparkKitty is more dangerous than previous malware

Unlike traditional spyware, SparkKitty focuses on photos, especially those containing cryptocurrency recovery phrases, wallet screenshots, IDs, or sensitive documents. Instead of just monitoring activity, SparkKitty uploads images in bulk. This approach makes it easy for criminals to sift through and extract valuable personal data. 

4 ways to protect your phone from SparkKitty mobile malware

1) Stick to trusted developers: Avoid downloading obscure apps, especially if they have few reviews or downloads. Always check the developer’s name and history before installing anything.

2) Review app permissions: Be cautious of apps that request access to your photos, messages, or files without a clear reason. If something feels off, deny the permission or uninstall the app.

3) Keep your device updated: Install system and security updates as soon as they are available. These updates often patch vulnerabilities that malware can exploit.

4) Use mobile security software: The best way to safeguard yourself from malicious software is to have strong antivirus software installed on all your devices. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices by visiting CyberGuy.com/LockUpYourTech.

Kurt’s key takeaway

Both Apple and Google removed the identified apps after being alerted, but questions remain about how SparkKitty bypassed their app review processes in the first place. As app stores grow, both in volume and complexity, the tools used to screen them will need to evolve at the same pace. Otherwise, incidents like this one will continue to slip through the cracks.

Do you think Google and Apple are doing enough to protect users from mobile malware and evolving security threats? Let us know by writing to us at Cyberguy.com/Contact.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER.

Copyright 2025 CyberGuy.com. All rights reserved.

Read the full article here

You Might Also Like

New stem cell therapy shows ‘promising’ results for treating hair loss in preclinical trials

Comedian Bobby Lee theorizes he was one of the ‘woke elements’ cut from ‘Sex and the City’ spinoff

Anti-Israel protesters arrested after storming Schumer, Gillibrand’s NYC office building

Rays’ Hunter Bigge carted off field in ‘terrifying’ scene after being struck in the face by 105-mph ball

DOGE reveals bizarre findings of unemployment insurance claims survey: ‘This is so crazy’

Share This Article
Facebook Twitter Email Print
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

We Recommend
Carly Pearce shows off bikini body and new boyfriend in summer photo dump
News

Carly Pearce shows off bikini body and new boyfriend in summer photo dump

Jimmie Dempsey Jimmie Dempsey September 5, 2025
Troops will be drug tested for psychedelic mushroom use, Pentagon says
Ancient Egyptian ‘party town’ building and relics pulled out in ocean discovery
Dad of Burning Man homicide victim demands justice after son found ‘in pool of blood’
Venezuelan fighter jets conduct ‘show of force’ near US Navy vessel
OUTBREAK ALERT: Congo Declares New Ebola Outbreak!
Is Your Gun Clean Enough?
NewsVideos

Is Your Gun Clean Enough?

hickok45 hickok45 September 5, 2025
Bryan Kohberger says he was diagnosed with 4 mental disorders before guilty plea: report
News

Bryan Kohberger says he was diagnosed with 4 mental disorders before guilty plea: report

Jimmie Dempsey Jimmie Dempsey September 5, 2025
First Look: Taurus 66 Combat Revolver
Tactical

First Look: Taurus 66 Combat Revolver

Jimmie Dempsey Jimmie Dempsey September 5, 2025
Pew Patriots
  • News
  • Tactical
  • Prepping & Survival
  • Videos
  • Guns and Gear
2024 © Pew Patriots. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?