Kaspersky Labs has found malware named SparkCat in software development kits used for making Android and iOS apps. The malware, apparently developed by a Chinese speaker, scans images on devices for sensitive data, particularly cryptocurrency wallet recovery phrases. Downloaded about 242,000 times, it largely affects European and Asian users. It is disguised in both genuine and fake apps. Kaspersky suggests a supply chain attack or developer embedding.
Ukraine’s largest bank PrivatBank Targeted with SmokeLoader malware
Financial threat group UAC-0006 is conducting a phishing campaign targeting customers of Ukraine’s largest state-owned bank, PrivatBank, using password-protected archives to deploy SmokeLoader malware. Cybersecurity
