Apple and Google take down malicious mobile apps from their app stores – TechCrunch
Latest
AI
Amazon
Apps
Biotech & Health
Climate
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
Space
Startups
TikTok
Transportation
Venture
Events
Startup Battlefield
StrictlyVC
Newsletters
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
Apple and Google have pulled as many as 20 apps from their respective app stores after security researchers found the apps were carrying data-stealing malware for almost a year.Security researchers at Kaspersky said the malware, dubbed SparkCat, has been active since March 2024. Initially, the researchers found the malicious framework within a food delivery app used in the United Arab Emirates and Indonesia but later found the malware on 19 other, unrelated apps, which they say were cumulatively downloaded more than 242,000 times through Google’s Play Store.Using code that’s designed to capture text visible on the user’s display — known as optical character recognition (OCR) — researchers found the malware scanned the image galleries on victims’ devices for keywords to find recovery phrases for cryptocurrency wallets across various languages, including English, Chinese, Japanese, and Korean.By using the malware to capture a victim’s recovery phrases, attackers could gain complete control over a victim’s wallet and steal their funds, the researchers found.The malware could also enable the extraction of personal information from screenshots, such as messages and passwords, the researchers said.Upon receiving the report from the researchers, Apple pulled the compromised apps from the App Store last week, followed by Google.“All of the identified apps have been removed from Google Play, and the developers have been banned,” Google spokesperson Ed Fernandez told TechCrunch.Google’s spokesperson also confirmed that Android users were protected from known versions of this malware through the in-built Google Play Protect security feature.Apple did not respond to requests for comment.Kaspersky spokesperson Rosemarie Gonzales told TechCrunch that while the reported apps were pulled from the official app stores, the company’s telemetry data suggested that the malware was also available from other websites and non-official app stores.Topics
Reporter
CISA election security officials placed on leave, DHS confirms
Google changed the Gulf of Mexico to the Gulf of America on Maps
Zeta valued at $2B in new funding
These are the investors funding Musk’s $97 billion OpenAI takeover attempt
Is AI making us dumb?
Google expands NotebookLM Plus to individual users
Perplexity’s Super Bowl ‘tweet’ increased app installs by 50%
Subscribe for the industry’s biggest tech newsEvery weekday and Sunday, you can get the best of TechCrunch’s coverage.TechCrunch’s AI experts cover the latest news in the fast-moving field.Every Monday, gets you up to speed on the latest advances in aerospace.Startups are the core of TechCrunch, so get our best coverage delivered weekly.By submitting your email, you agree to our Terms and Privacy Notice.© 2024 Yahoo.
Source: https://techcrunch.com/2025/02/10/apple-and-google-take-down-malicious-apps-from-their-app-stores/
