The new SparkKitty Trojan spy in the App Store and Google Play
Essential information
- Published
- 23/06/2025 09:21
- Modified
- 24/06/2025 14:24
- Tags
- 2025-06-23 android china cryptocurrency ios southeast asia sparkcat sparkkitty spyware
- Related entities
- 20 observables, 1 techniques (mitre), 2 malware, 1 others
Description
A new spyware campaign dubbed SparkKitty has been discovered targeting both iOS and Android devices. The malware, believed to be connected to the previously identified SparkCat campaign, is distributed through official app stores and unofficial sources. It primarily steals photos from infected devices, likely searching for cryptocurrency wallet information. The campaign has been active since at least February 2024 and mainly targets users in Southeast Asia and China. The malware is embedded in various apps, including modified versions of popular applications like TikTok, and uses different techniques to evade detection. The researchers identified multiple variations of the malware, including obfuscated libraries and malicious frameworks mimicking legitimate ones.