Yesterday, cybersecurity experts at Kaspersky revealed details about a new type of malware called “SparkCat” that was found in a handful of iOS apps. Following this revelation, Apple swiftly removed these apps from its App Store.
Among the apps affected were ComeCome, WeTink, and AnyGPT. In total, 11 apps were taken down, but Apple’s investigation led to the discovery of an additional 89 apps with similar malicious code, which had already been rejected or removed due to Apple’s strict anti-fraud rules. When Apple removes an app for such reasons, it also shuts down the developer’s account.
According to Kaspersky, the malware included a harmful tool that could read text from images and screenshots on iPhones, particularly targeting recovery phrases for cryptocurrency wallets. The aim was to steal valuable information like bitcoin codes, but it could also grab other sensitive phrases like passwords.
Apple’s default settings prevent apps from accessing your photos without your permission. However, if users granted these apps access to their photo library, the malware could scan for and transmit any matching key phrases to a server controlled by the attackers. The malware seemed to focus on iOS users in Europe and Asia.
Since the release of iOS 14, Apple has improved how apps can access your photos, allowing users to permit only specific images rather than the whole album. It’s wise to be cautious with app permissions and avoid granting access to all your photos to apps that seem suspicious.
Apple also offers an “App Privacy Report” feature, which you can find in the Privacy section of your iPhone’s Settings. This report shows when and how often apps access your sensitive data like your location, photos, camera, and microphone.
It’s always good to keep an eye on these privacy settings to protect your personal information.