Kaspersky Uncovers Sophisticated "SparkCat" Malware Campaign Targeting Crypto Recovery Phrases
Kaspersky researchers have unveiled a significant malware threat known as SparkCat. This malware discreetly scans users' mobile device photo galleries for cryptocurrency recovery phrases hidden within screenshots.
Modus Operandi and Impact
SparkCat operates silently, unlike typical scams that promise financial rewards. Its covert nature makes assessing its financial impact challenging. Kaspersky, a renowned cybersecurity firm, has detected the malware on Google Play and the App Store since March 2024.
Employing machine learning, the malware analyzes images for sensitive information such as crypto wallet recovery phrases and passwords.
Disguise and Target
SparkCat disguises itself within seemingly innocuous applications, granting attackers access to users' photo galleries. Its primary objective is to stealthily extract recovery keys.
Kaspersky has not disclosed the amount of currency or cryptocurrency stolen, but emphasizes the attack's sophisticated nature.
The campaign primarily targeted users in Europe and Asia. Researchers suggest the attackers may be of Chinese origin, based on the malware's source code.
Security Implications
While the affected apps have been removed, the SparkCat discovery is significant as it shows that crypto-related malware attacks are evolving. This strategy differs from social media-based scams involving meme coins, which often rely on aggressive deception tactics.
SparkCat's ability to bypass multiple security measures raises concerns about the potential for similar threats in the future.