Close Menu
Invest Intellect
    Facebook X (Twitter) Instagram
    Invest Intellect
    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Commodities
    • Cryptocurrency
    • Fintech
    • Investments
    • Precious Metal
    • Property
    • Stock Market
    Invest Intellect
    Home»Cryptocurrency»DeepSeek security risk – AI tool “vulnerable” to attacks, says report
    Cryptocurrency

    DeepSeek security risk – AI tool “vulnerable” to attacks, says report

    February 6, 20254 Mins Read



    • Apps delivering malware to users to steal crypto found on iOS app store
    • Some of these apps have thousands of installs across iOS and Android
    • The ‘SparkCat’ campaign has been active since March 2024

    Crypto-stealing malware dubbed ‘SparkCat’ has been discovered on iOS and Android app stores, and is embedded with a ‘malicious SDK/framework for stealing recovery phrases for crypto wallets’.

    A report from Kaspersky has identified malicious apps, some with upwards of 10,000 downloads, that scan the victims gallery to find keywords – if relevant images are found, they are then sent to a C2 server.

    This is the first time a stealer has been found in Apple’s App store, and this is significant because Apple reviews every entry to ‘help provide a safe and trusted experience for users’ – so these malware-infected apps show that the review process is not as robust as it should be.

    Although aimed at stealing cryptocurrency wallet recovery phrases, Kaspersky notes that the malware is ‘flexible enough’ to steal other sensitive data from victim’s galleries – here’s what we know.

    Multiple malicious apps

    The ‘SparkCat’ malware campaign was first discovered in late 2024, and is suspected to have been active since March 2024.

    The first app Kaspersky identified was a Chinese food delivery app, ComeCome. The app had over 10,000 downloads and was based in Indonesia and the UAE. The app was embedded with malicious content, and contained OCR spyware which chose images from the infected devices to exfiltrate and send to the C2 server.

    This wasn’t the only infected app though, and researchers found that infected apps available in Google Play had been downloaded a combined total of over 242,000 times. In 2024, over 2 million risky Android apps were blocked from the Play Store, including some which tried to push malware and spyware – so although Google is improving its protections, clearly some still make it through.

    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

    In the app store, some apps ‘appeared to be legitimate’, like the food delivery services, while others had apparently been built to ‘lure victims’. An example of this, researchers outlined, is a series of similar AI-featured ‘messaging apps’ by the same developer, including AnyGPT and WeTink.

    It’s not clear whether these infections are deliberate actions by developers, or are a result of supply chain attacks, but the report does note that the “permissions that it requests may look like they are needed for its core functionality or appear harmless at first glance.”

    “What makes this Trojan particularly dangerous is that there’s no indication of a malicious implant hidden within the app” Kaspersky adds.

    Mitigating malware

    If you have one of the infected apps installed on your device, Kaspersky of course recommends removing it and steering clear until a fix is released – the list of infected apps can be found here.

    There is software that can help protect your device, like antivirus software – and as a key part of this malware in particular is the exfiltration of sensitive data through screenshots, the best advice is to avoid storing passwords, confidential documents, or sensitive information in your gallery.

    Instead, check out the best password managers to securely store your information, as these present a much safer and convenient option to keeping your passwords in your photos. Make sure you don’t reuse passwords on multiple sites, and change your passwords regularly to avoid a breach.

    There are some tricks to avoid malware apps, and considering that dangerous malware apps have been found to have been installed millions of times, it’s always best to be safe.

    First of all, be wary of the warning signs. Go through the feedback and reviews – especially the negatives, as it’s likely someone else will have already flagged a bug. Be very suspicious of an app which asks for your existing social media credentials – as this could be criminals looking to hijack your account.

    You might also like



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    How Does Cryptocurrency Actually Work Behind The Scenes?

    Cryptocurrency

    What Is Cryptocurrency And Why Is It Changing The Way We Think About Money?

    Cryptocurrency

    Delhi Police arrests Pune man for duping woman of over Rs 12 lakh in cryptocurrency scam – ThePrint – PTIFeed

    Cryptocurrency

    Decoding Digital Assets: Understanding Crypto Tokens, Coins, And Their Real-World Use Cases

    Cryptocurrency

    Chemistry graduate from Pune held for cheating Delhi woman of Rs 12 lakh in cryptocurrency investment scam

    Cryptocurrency

    What Do Investors Need to Know About Real-World Assets (RWAs) in Cryptocurrency?

    Cryptocurrency
    Leave A Reply Cancel Reply

    Top Picks
    Investments

    Worried about your 401k, investments after Trump’s tariffs? Here’s some expert advice

    Stock Market

    Will stock market bleed as India-Pakistan tensions escalate? History says… – Firstpost

    Cryptocurrency

    The Hidden Risks of Digital Currency: Navigating Cybersecurity in the Age of Web3

    Editors Picks

    Dalma, l’assurtech des animaux, lève près de 20 millions d’euros

    March 16, 2025

    Datavault AI to Deploy AI-Driven Supercomputing for Biofuel Innovation

    June 17, 2025

    Quinn continues ‘millionaire surcharge’ push for Illinois property tax relief | 101.5 WCIL-FM

    October 10, 2024

    Argentina’s president faces backlash for endorsing cryptocurrency that crashed

    February 17, 2025
    What's Hot

    SoFi Technologies: A Fintech Superstar Available At A Deep Discount (NASDAQ:SOFI)

    August 7, 2024

    To Improve Crypto Tax Gap, IRS Must Enhance Compliance Efforts

    July 23, 2024

    InterRent Real Estate Investment Trust : National Bank maintient sa recommandation neutre

    May 16, 2025
    Our Picks

    Gold: Increased demand for the precious metal and predictions for new records in 2025

    March 21, 2025

    DexBoss (DEBO) is the Top Choice for Investors

    February 20, 2025

    Scottish house price growth outstrips rest of UK

    October 23, 2024
    Weekly Top

    Metal Hammer Tracks Of The Week: August 1, 2025

    August 1, 2025

    Resilient, recovering commercial real estate market forecasted for investment growth

    August 1, 2025

    Amazon joins innovative partnership to launch first-of-its-kind energy project: ‘It’s a triple win’

    August 1, 2025
    Editor's Pick

    GII Saudi Arabia plans to double its US investments

    March 19, 2025

    La nouvelle entreprise hospitalière indienne de PB Fintech, société mère de Policybazaar, lève 218 millions de dollars

    May 7, 2025

    Grande Asset Hotels and Property annonce un défaut de paiement sur ses obligations GRAND256A

    June 24, 2025
    © 2025 Invest Intellect
    • Contact us
    • Privacy Policy
    • Terms and Conditions

    Type above and press Enter to search. Press Esc to cancel.