Kaspersky Uncovers Sophisticated "SparkCat" Malware Campaign Targeting Crypto Recovery Phrases
Kaspersky researchers have unveiled a significant malware threat known as SparkCat. This malware discreetly scans users' mobile device photo galleries for cryptocurrency recovery phrases hidden within screenshots.
Modus Operandi and Impact
SparkCat operates silently, unlike typical scams that promise financial rewards. Its covert nature makes assessing its financial impact challenging. Kaspersky, a renowned cybersecurity firm, has detected the malware on Google Play and the App Store since March 2024.
Employing machine learning, the malware analyzes images for sensitive information such as crypto wallet recovery phrases and passwords.
Disguise and Target
SparkCat disguises itself within seemingly innocuous applications, granting attackers access to users' photo galleries. Its primary objective is to stealthily extract recovery keys.
Kaspersky has not disclosed the amount of currency or cryptocurrency stolen, but emphasizes the attack's sophisticated nature.
The campaign primarily targeted users in Europe and Asia. Researchers suggest the attackers may be of Chinese origin, based on the malware's source code.
Security Implications
While the affected apps have been removed, the SparkCat discovery is significant as it shows that crypto-related malware attacks are evolving. This strategy differs from social media-based scams involving meme coins, which often rely on aggressive deception tactics.
SparkCat's ability to bypass multiple security measures raises concerns about the potential for similar threats in the future.