Malware featuring screen reading code, called “SparkCat,” has been discovered in iOS Apps, enabling the extraction of sensitive data from screenshots. Identified by Kaspersky, this malware uses OCR technology to target crypto wallet recovery phrases, posing a risk of cryptocurrency theft. Apps like ComeCome, WeTink, and AnyGPT have been linked to this issue. The malware has been active since March 2024 and although similar threats were previously found on Android and PC, this marks the first instance on iOS. Recommendations include avoiding saving sensitive screenshots in photo libraries.
