News
Password & Crypto-Stealing Trojan Targets UAE Users Via App Stores
The newly-discovered malware, named SparkCat, uses optical recognition to scan for sensitive data inside screenshots and photos.
Researchers at Kaspersky have identified a Trojan lurking in both the App Store and Google Play since at least March 2024. The malware is known as SparkCat, and it uses optical recognition to scan image galleries, stealing sensitive data like crypto wallet recovery phrases and passwords from user’s screenshots and photos.
How SparkCat Spreads
The malware is being distributed through both infected legitimate apps and cleverly disguised lures. These include messaging apps, AI assistants, food delivery services, and crypto-related applications. Some of the compromised apps have made their way into Google Play and the App Store, while others are circulating through unofficial sources.
Who’s At Risk?
Worryingly for our readers, the primary targets appear to be users in the United Arab Emirates. However, various countries in Europe and Asia have also been targeted, as SparkCat’s optical scanning can detect multiple languages.
How It Works
Once installed, SparkCat may request permission to access a user’s photo gallery. From there, it uses an optical character recognition (OCR) module to scan stored images for relevant keywords. If it detects sensitive data — particularly screenshots of recovery phrases for cryptocurrency wallets — it transmits the images to attackers. With this information, hackers can gain full access to a victim’s funds.
Who’s Behind It?
An analysis of the Android version of SparkCat revealed code comments written in Chinese, while the iOS variant included home directory names like qiongwu and quiwengjing. While these clues suggest a Chinese-speaking threat actor, there isn’t enough evidence to link the software to any known cybercriminal groups.
Sergey Puzan, a malware analyst at Kaspersky, noted, “This is the first known case of OCR-based Trojan to sneak into AppStore. In terms of both AppStore and Google Play, at the moment it’s unclear whether applications in these stores were compromised through a supply chain attack or through various other methods. Some apps, like food delivery services, appear legitimate, while others are clearly designed as lures”.
How To Protect Yourself
To minimize the risk of infection, Kaspersky recommends taking the following precautions:
- If you’ve installed an affected app, delete it immediately and avoid using it until a safe update is available.
- Avoid saving screenshots that contain sensitive information, such as crypto wallet recovery phrases. Instead, use secure password managers.
- Consider using reputable cybersecurity solutions like Kaspersky Premium to safeguard against malware threats.
As and mobile malware tactics evolve, staying cautious with app downloads and maintaining strong security practices can go a long way in keeping your data safe.
News
At I/O 2026, Sundar Pichai Concedes AI Must Deliver Real Value
Gemini 3.5, a personal agent called Spark, agentic shopping, and Android XR eyewear are all aimed at making AI feel useful, not just impressive.
Google’s annual I/O developer conference (I/O 2026) has recently become a status update on the same question: can the company turn its AI spending into products people use every day? This year, chief executive Sundar Pichai described Google as being in a phase of hyper progress, while conceding this is the part of the cycle where people want to see real value in the products they use on a day-to-day basis.
The strategy on display was to push agents — AI systems that act on a user’s behalf — into nearly every Google product at once. Search now has an “intelligent search box” that returns generated explainer videos alongside links. Gmail, Docs, YouTube and Maps are gaining their own agent layers, including a Docs Live feature that turns spoken instructions into drafted text with citations.
Two new models, Gemini 3.5 and a cheaper Gemini 3.5 Flash, arrived the same day. Google says 900 million people now use Gemini, and that more than 50 billion images have been generated with it. The pricing tier names are likely to confuse buyers: a new AI Ultra plan launches at $100 a month, while the older Gemini AI Ultra drops from $250 to $200.
The flashier announcements were Gemini Omni, a video generator pitched as a more realistic answer to OpenAI’s discontinued Sora 2, and Gemini Spark, a personal agent that handles recurring tasks across a user’s Google account. A new universal shopping cart lets agents complete purchases across multiple retailers from inside Google itself, placing the company between the merchant and the buyer, and also owning the checkout.
Also Read: DJI Teases Dual-Camera Osmo Pocket 4P For 2026 Launch
Google also confirmed its Android XR eyewear, built with Samsung and frames from Warby Parker and Gentle Monster. Audio-only glasses ship this autumn; a display-equipped version, which would superimpose live translations into the wearer’s field of view, is still in development. Both sets translate, however only the display version shows you the result.
What Pichai did not resolve is the bargain underneath all this. An agent is only useful to the degree it knows your calendar, your inbox, your shopping history and your physical surroundings. Google has now confirmed that, in time, the same context may carry advertising.
2026 Crypto Trends: Bitcoin, ETFs & The Future Of Payments
At I/O 2026, Sundar Pichai Concedes AI Must Deliver Real Value
DJI Teases Dual-Camera Osmo Pocket 4P For 2026 Launch
Lebanon Ministers Meet Visa Over National Digital Payment Platform
AltoVolo Releases Sigma Footage & Sets Date For Demonstrator
AltoVolo Releases Sigma Footage & Sets Date For Demonstrator
NVIDIA Puts GPT-5.5 Codex In Hands Of 10,000 Staff
United Arab Emirates To Quit OPEC After 59 Years
YouTube Tests Conversational AI Search Tool
