Kaspersky has discovered the "SparkCat" malware in multiple iOS and Android apps, marking the first known case of malicious screenshot-reading code making it into Apple's App Store. The malware was found in the AI chat apps WeTink and AnyGPT, as well as the food delivery app ComeCome. The Verge reports: On iOS and in some Android instances, the malware works by triggering a request to access users' photo galleries when they attempt to use chat support within the infected app. Once permission is granted, it uses Google OCR tech, which lets it decipher text found in photos, to look for things like screenshots of crypto wallet passwords or recovery phrases. The software then sends any images it finds back to the attackers, who can then use the info to access the wallets and steal crypto.

Kaspersky says it can't "confirm with certainty the infection was a result of a supply chain attack or deliberate action by the developers."

[ Read more of this story ]( https://it.slashdot.org/story/25/02/05/2010251/ios-app-store-apps-with-screenshot-reading-malware-found-for-the-first-time?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.