News
Password & Crypto-Stealing Trojan Targets UAE Users Via App Stores
The newly-discovered malware, named SparkCat, uses optical recognition to scan for sensitive data inside screenshots and photos.
Researchers at Kaspersky have identified a Trojan lurking in both the App Store and Google Play since at least March 2024. The malware is known as SparkCat, and it uses optical recognition to scan image galleries, stealing sensitive data like crypto wallet recovery phrases and passwords from user’s screenshots and photos.
How SparkCat Spreads
The malware is being distributed through both infected legitimate apps and cleverly disguised lures. These include messaging apps, AI assistants, food delivery services, and crypto-related applications. Some of the compromised apps have made their way into Google Play and the App Store, while others are circulating through unofficial sources.
Who’s At Risk?
Worryingly for our readers, the primary targets appear to be users in the United Arab Emirates. However, various countries in Europe and Asia have also been targeted, as SparkCat’s optical scanning can detect multiple languages.
How It Works
Once installed, SparkCat may request permission to access a user’s photo gallery. From there, it uses an optical character recognition (OCR) module to scan stored images for relevant keywords. If it detects sensitive data — particularly screenshots of recovery phrases for cryptocurrency wallets — it transmits the images to attackers. With this information, hackers can gain full access to a victim’s funds.
Who’s Behind It?
An analysis of the Android version of SparkCat revealed code comments written in Chinese, while the iOS variant included home directory names like qiongwu and quiwengjing. While these clues suggest a Chinese-speaking threat actor, there isn’t enough evidence to link the software to any known cybercriminal groups.
Sergey Puzan, a malware analyst at Kaspersky, noted, “This is the first known case of OCR-based Trojan to sneak into AppStore. In terms of both AppStore and Google Play, at the moment it’s unclear whether applications in these stores were compromised through a supply chain attack or through various other methods. Some apps, like food delivery services, appear legitimate, while others are clearly designed as lures”.
How To Protect Yourself
To minimize the risk of infection, Kaspersky recommends taking the following precautions:
- If you’ve installed an affected app, delete it immediately and avoid using it until a safe update is available.
- Avoid saving screenshots that contain sensitive information, such as crypto wallet recovery phrases. Instead, use secure password managers.
- Consider using reputable cybersecurity solutions like Kaspersky Premium to safeguard against malware threats.
As and mobile malware tactics evolve, staying cautious with app downloads and maintaining strong security practices can go a long way in keeping your data safe.
News
Lebanon Ministers Meet Visa Over National Digital Payment Platform
Finance and technology ministers say a comparative study and roadmap will follow before any decision on adopting a model.
Lebanon’s finance and technology ministers met representatives from Visa last week to discuss a proposed unified national digital payment platform for government services, according to a readout from the Ministry of Finance.
The meeting brought together Finance Minister Yassin Jaber, Minister of State for Technology and Artificial Intelligence Kamal Shehadeh, a Visa delegation, and experts from both ministries. Discussion focused on whether Lebanon could establish a single platform through which citizens and institutions would pay taxes, fees, fines and other official transactions electronically, using mobile phones and other digital channels.
The Visa delegation presented examples from countries that have adopted unified government payment platforms, including the United Arab Emirates, Singapore, Estonia and Jordan. According to the readout, the examples were presented as having increased collection rates and expanded financial inclusion.
Talks covered settlement mechanisms, direct transfer to the treasury account, financial reconciliation, risk management, cybersecurity, fees, and an operational model that would involve the private sector. The parties agreed to continue technical and institutional consultations, prepare a comparative study, and develop an implementation roadmap before any decision on adopting a model for Lebanon.
Jaber said the Ministry of Finance had already enabled citizens to pay using credit cards and e-wallets through transfer companies, but described the proposed platform as a further step. He framed the development of electronic payment and collection systems as a priority within the ministry’s modernization plan.
Also Read: Deezer Says AI Tracks Now Make Up 44% Of Uploads
Shehadeh outlined the citizen-facing concept as a single mobile application through which users could settle obligations to ministries, government institutions and other bodies.
“The idea, in short, is that any citizen downloads an application on their mobile phone, through which they can pay all service obligations for all ministries, government institutions, or those owned by the Lebanese state, and others as well, as the platform is not limited only to state institutions,” he said.
Shehadeh added that the platform would not displace banks and money transfer companies that currently provide collection services to the state, calling it complementary to their work.
Lebanon Ministers Meet Visa Over National Digital Payment Platform
AltoVolo Releases Sigma Footage & Sets Date For Demonstrator
Careem Launches Lebanon Aid Drive With WFP
United Arab Emirates To Quit OPEC After 59 Years
YouTube Tests Conversational AI Search Tool
Yango Ride Introduces In-Chat Trip Planning In ChatGPT
Deezer Says AI Tracks Now Make Up 44% Of Uploads
NVIDIA Puts GPT-5.5 Codex In Hands Of 10,000 Staff
United Arab Emirates To Quit OPEC After 59 Years
