News

Password & Crypto-Stealing Trojan Targets UAE Users Via App Stores

The newly-discovered malware, named SparkCat, uses optical recognition to scan for sensitive data inside screenshots and photos.

Published

2 weeks ago

February 7, 2025

Nour Nasir

password and crypto stealing trojan targets uae users via app stores

Researchers at Kaspersky have identified a Trojan lurking in both the App Store and Google Play since at least March 2024. The malware is known as SparkCat, and it uses optical recognition to scan image galleries, stealing sensitive data like crypto wallet recovery phrases and passwords from user’s screenshots and photos.

How SparkCat Spreads

The malware is being distributed through both infected legitimate apps and cleverly disguised lures. These include messaging apps, AI assistants, food delivery services, and crypto-related applications. Some of the compromised apps have made their way into Google Play and the App Store, while others are circulating through unofficial sources.

Who’s At Risk?

Worryingly for our readers, the primary targets appear to be users in the United Arab Emirates. However, various countries in Europe and Asia have also been targeted, as SparkCat’s optical scanning can detect multiple languages.

How It Works

Once installed, SparkCat may request permission to access a user’s photo gallery. From there, it uses an optical character recognition (OCR) module to scan stored images for relevant keywords. If it detects sensitive data — particularly screenshots of recovery phrases for cryptocurrency wallets — it transmits the images to attackers. With this information, hackers can gain full access to a victim’s funds.

Who’s Behind It?

An analysis of the Android version of SparkCat revealed code comments written in Chinese, while the iOS variant included home directory names like qiongwu and quiwengjing. While these clues suggest a Chinese-speaking threat actor, there isn’t enough evidence to link the software to any known cybercriminal groups.

Sergey Puzan, a malware analyst at Kaspersky, noted, “This is the first known case of OCR-based Trojan to sneak into AppStore. In terms of both AppStore and Google Play, at the moment it’s unclear whether applications in these stores were compromised through a supply chain attack or through various other methods. Some apps, like food delivery services, appear legitimate, while others are clearly designed as lures”.

How To Protect Yourself

To minimize the risk of infection, Kaspersky recommends taking the following precautions:

If you’ve installed an affected app, delete it immediately and avoid using it until a safe update is available.
Avoid saving screenshots that contain sensitive information, such as crypto wallet recovery phrases. Instead, use secure password managers.
Consider using reputable cybersecurity solutions like Kaspersky Premium to safeguard against malware threats.

As and mobile malware tactics evolve, staying cautious with app downloads and maintaining strong security practices can go a long way in keeping your data safe.

Related Topics:Cryptocurrency Cybersecurity Hacking

Up Next

VISARUN.AI Raises $700K To Streamline MENA Visa Processing

Don't Miss

STARZPLAY Partners With Seekr To Enhance AI Streaming

Click to comment

News

Foodics Acquires Online-Ordering Specialist & Invests In 3 Startups

The deal with UK-based Solo Venture was made at LEAP 2025, and will help create a seamless, all-in-one SaaS ecosystem for restaurants.

Published

1 day ago

February 19, 2025

Nour Nasir

foodics acquires online-ordering specialist and invests in 3 startups

MENA-based restaurant and payments technology provider Foodics has fully acquired Solo Venture, a UK-based company specializing in self-ordering kiosks and white-label online ordering solutions. The deal was reached at this year’s LEAP 2025 event in Riyadh and is part of Foodics’ strategy to create a seamless, all-in-one SaaS ecosystem for restaurants and catering firms.

Solo’s technology includes AI-driven self-service solutions, simplifying ordering and increasing profit margins. By integrating Solo into its platform, Foodics will soon be able to offer restaurants a comprehensive suite of tools covering everything from dine-in management to payments and analytics.

Ahmad Al-Zaini, CEO and Co-Founder of Foodics explained: “This acquisition is a significant step in our mission to build the most comprehensive restaurant management platform in MENA and beyond. To further support our ecosystem and the future of tech in the F&B sector, we are allocating $100M in strategic acquisitions and investments in Fintech, AI, and other transformative technologies over the coming three years”.

Beyond the Solo acquisition, Foodics is also backing three startups as part of its wider expansion plan:

Norma: A Greek AI-powered data analytics firm that enables business professionals to generate insights instantly, eliminating the need for technical expertise.
Add: A specialized accounting platform designed for small and medium-sized restaurants to simplify financial reporting and payroll management.
Arzaq Plus: A smart food and beverage supply chain platform that optimizes sourcing and logistics while introducing a “Buy Now, Pay Later” feature to the Foodics platform.

Also Read: Taager Secures $6.75M To Expand Social eCommerce In MENA

Anas Alghanim, Foodics’ Director of Corporate Development, emphasized, “At Foodics, every investment we make is aimed at creating valuable solutions that drive growth and deliver tangible success, ensuring that we empower our partners and customers to shape the future of the industry”.

The LEAP 2025 announcement coincides with the celebration of Foodics’ 10th anniversary. After supporting over 30,000 food and beverage businesses across 30 countries, Foodics continues to push the boundaries of restaurant management technology, helping companies streamline operations and enhance customer experience.