Ask many users why they prefer iOS to Android and they’ll say security. Yes, Apple products tend to be more secure overall, but that may be slowly changing. For the very first time, screenshot malware has infiltrated the App Store, putting iPhone users at risk.
Screenshots Not Safe From App Store Malware
Do you often take screenshots of codes and even account creation pages to remember login codes, usernames, and passwords? That’s what hackers are hoping iPhone users do. A new malware operation being called SparkCat has infiltrated Apple’s App Store with optical character recognition (OCR)-enabled malware.
In layman’s terms, the malware reads your screenshots. Hackers are pulling any and all text from the screenshot. Sure, it may seem safe to take screenshots of sensitive information, but hackers are taking advantage of that false sense of security.
Currently, security experts have discovered infected apps from the App Store, Google Play Store, and third-party app stores and sites. Over 250,000 downloads have occurred across the two major app stores.
While it’s nothing new for Play Store apps to have malware issues, it’s highly uncommon on the App Store, due to Apple’s stringent review process.
The main goal, though, with this new malware attack is to steal crypto recovery codes to gain access to cryptocurrency wallets. Of course, that doesn’t mean the malware isn’t searching for other sensitive data as well.
OCR spyware is a new threat for the App Store. Other forms of malware have happened before, but it’s rare. A few of the infected apps include WeTink, ComeCome, and ChatAI. It seems to mainly be a part of messaging, food delivery, and AI apps.
If you want to see the code and full list of affected apps Kaspersky has discovered so far, check out the in-depth look into SparkCat.
It’s important to note that even if you use a VPN, which is a good way to protect yourself, SparkCat-infected apps can still read your screenshots.
Apple’s Continuing Security Issues
Apple’s probably not too thrilled about this recent development. After all, it was recently announced that multiple chip types found in Apple products are prone to SLAP and FLOP attacks. These attacks are taking advantage of a flaw within the chips to read data from the device’s memory, especially browsers.
So far, researchers have discovered the attacks are pulling data from Safari and Chrome. Any services you access, such as checking your iCloud data or viewing messages on Gmail, could be compromised.
The same hardware and software Apple uses to accelerate processing speeds are giving hackers an in to your device. The worst part: the vulnerability has existed since 2021 and affects many Apple laptops, desktops, phones, and tablets that have A15 and A16 Bionic, A17 Pro, M2, M3, or M4 chips. And no, there isn’t currently a fix. I’d suggest wiping your browsing history on Apple devices to remove the content from memory after each session.
If you’re thinking about downloading an antivirus to protect you, check out the difference between antivirus and anti-malware apps first. Also, learn how to better protect yourself while using Safari.
Image credit: Unsplash
