
OCR Crypto Stealers in Google Play and App Store


Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.

{ "code": 0, "message": "success", "data": { "keywords": ["助记词", "助記詞", "ニーモニック", "기억코드", "Mnemonic", "Mnemotecnia", "Mnémonique", "Mnemonico", "Mnemotechnika", "Mnemônico", "클립보드로복사", "복구", "단어", "문구", "계정", "Phrase"] } }

As with the Android-specific version, the iOS malware utilized the ML Kit interface, which provided access to a Google OCR model trained to recognize text, and a Rust library that implemented a custom C2 communication protocol. Also like the Android version, the Trojan implements three modes of filtering OCR output: keywords, word length, and localized dictionaries stored in encrypted form right inside the framework, in a “wordlists” folder.
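The three kinds of check described above can also be turned around as a defender-side audit that flags OCR text from your own screenshots when it exposes a recovery phrase. This is an added example, not code from the Trojan or from the Kaspersky report; the keyword list is the one shown above. The function name, the thresholds (12-word run, 3 to 8 letters per word, taken from the English BIP-39 list) and the sample dictionary are assumptions, since the page does not say how the word-length and dictionary filters are parameterised.

```python
import re

# Keyword list copied from the JSON shown on the page.
KEYWORDS = ["助记词", "助記詞", "ニーモニック", "기억코드", "Mnemonic", "Mnemotecnia",
            "Mnémonique", "Mnemonico", "Mnemotechnika", "Mnemônico",
            "클립보드로복사", "복구", "단어", "문구", "계정", "Phrase"]

# Constructed stand-in for a localized dictionary: the first 12 words of the
# English BIP-39 list (assumption: the page does not say what the lists contain).
SAMPLE_WORDLIST = {"abandon", "ability", "able", "about", "above", "absent",
                   "absorb", "abstract", "absurd", "abuse", "access", "accident"}

def audit_ocr_text(text, wordlist=SAMPLE_WORDLIST, min_run=12):
    """Return the reasons (possibly none) why OCR text resembles a recovery phrase."""
    reasons = []
    folded = text.casefold()
    hits = [k for k in KEYWORDS if k.casefold() in folded]
    if hits:
        reasons.append(("keyword", hits))
    # Letter-only tokens, so numbering such as "1." does not break a run of words.
    tokens = [t.lower() for t in re.findall(r"[^\W\d_]+", text)]
    best = run = 0
    for t in tokens:
        # Hypothetical length rule: consecutive ASCII words of 3 to 8 letters.
        run = run + 1 if (t.isascii() and 3 <= len(t) <= 8) else 0
        best = max(best, run)
    if best >= min_run:
        reasons.append(("word_length", best))
    in_dict = sum(t in wordlist for t in tokens)
    if in_dict >= min_run:
        reasons.append(("dictionary", in_dict))
    return reasons

# Constructed OCR output for three screenshots (not real wallet data).
SAMPLES = {
    "wallet_backup.png": "Recovery Phrase\n1. abandon 2. ability 3. able 4. about "
                         "5. above 6. absent\n7. absorb 8. abstract 9. absurd "
                         "10. abuse 11. access 12. accident",
    "receipt.png": "Lunch receipt, total 12.50. Thanks for visiting!",
    "notes_ko.png": "지갑 복구 문구를 안전하게 보관하세요",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, audit_ocr_text(text) or "clean")
```

Any image flagged this way is one to delete from the gallery or move to offline storage.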
