Malicious mobile apps are removed from the app stores by Google and Apple

Kaspersky security experts say the malware, called SparkCat, has been active since March 2024. The detrimental foundation was initially found by the researchers in a meal delivery business that was utilized in the United Arab Emirates and Indonesia. The researchers later found the malware on 19 more, unrelated apps that had been downloaded over 242,000 times in total from the Google Play Store.
The researchers found that by utilizing the virus to record the victim’s recovery phrases, attackers can seize complete control of the victim’s wallet and steal their money.
The researchers speculate that the malware might also enable the extraction of private information from screenshots, such as messages and passwords.
Following receipt of the researchers’ information, Apple and Google took the compromised apps down from the App Store last week.
Ed Fernandez, a Google representative, told TechCrunch
“All of the identified apps have been removed from Google Play, and the developers have been banned,”.
Additionally, a Google spokesman confirmed that Android users were protected against known versions of this virus by the integrated Google Play Protect security mechanism.
Apple did not respond to requests for a statement.
Rosemarie Gonzales, a representative for the company, told TechCrunch that Kaspersky’s telemetry data showed that the malware was also available from other websites and unauthorized app stores, even after the reported apps were taken down from the official app stores.