Malicious iPhone apps are spreading screenshot-reading malware on the Apple App Store — how to stay safe

One phone with skull and crossbones on screen among several other clean-looking phones.
(Image credit: Marcos_Silva/Shutterstock)

For the first time, the Apple App Store is sharing malware privileges with the Google Play Store as apps infected with screenshot-reading SparkCat malware have been discovered on both platforms by cybersecurity software firm Kaspersky.

The goal of SparkCat is to steal cryptocurrency using multiple apps to hide malicious screenshot reading code with OCR, optical character recognition. OCR converts an image of text into machine readable formats; the malware triggers requests to access photo galleries when users try to use chat support features within the infected apps. The apps then use OCT tech to search the device for screenshots of crypto wallet passwords or recovery phrases. The images are sent back to attackers who then use the stolen information to access wallets and steal cryptocurrency.

Kaspersky can’t confirm if the infection is a deliberate action by the developers, or a result of a supply chain attack. The company specifies two AI chat apps that seem to have been created specifically for the SparkCat campaign, WeTink and AnyGPT, which both still seem to be available on the app store. It also appears to have infected legitimate apps like the food delivery app Comecome.

Kaspersky says it discovered the SparkCat code back in late 2024, and that the framework for the code appears to have been created in March of 2024. SparkCat seems to have infected more Android apps than iOS but that it has crossed the threshold to infect any iOS apps at all is noteworthy on its own.

Also noteworthy is the trojan nature of the malware which doesn't give out any malicious implants inside the application, and requests harmless permissions that can be used in the main functionality of the application allowing the malware to work quite secretly.

How to stay safe

A woman looking at a smartphone while using a laptop

(Image credit: Shutterstock)

Recommendations for staying safe include to delete or not save any screenshots that include sensitive information in the photo gallery including anything that includes phrases that could restore access to cryptocurrency wallets. Anything that contains passwords, confidential document or other sensitive data should be stored in a special application too.

In general, when selecting an app, stick to more widely known app developers with a history of putting out good software. You're more likely to come across malware when going with fee apps as opposed to paid ones too. Before installing any app, check its rating and reviews, and look for online video reviews so you can see the app in action.

To protect your Android devices from malware, make sure that Google Play Protect is enabled if you have an Android phone. It can scan all of your existing apps - and any new ones you download - for malware. For additional protection and some useful extras like a VPN or even a password manager, you might also want to look into running one of the best Android antivirus apps alongside it.

If you're an Apple user, you should check out some of the best Mac antivirus software from Intego as the company has come up with a workaround for scanning iPhones and iPads for malware by connecting them to a Mac first.

Bad apps are going to continue to slip through the cracks both on Android and iOS which is why you should always be extra careful when installing new software on your mobile devices.

More from Tom's Guide

Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 

Read more
Malware
New macOS malware uses Apple's own code to quietly steal credentials and personal data — how to stay safe
MacBook Pro 2021 (16-inch) on a patio table
Macs under attack from dangerous malware targeting digital wallets and Apple’s Notes app — how to stay safe
Green skull on smartphone screen.
Hackers are using the Amazon Appstore to spread malware — delete this malicious app now
MacBook Pro 2021 (16-inch) on a patio table
Millions of Mac owners urged to be on alert for info-stealing malware
A hacker typing quickly on a keyboard
Hackers are posing as Apple and Google to infect Macs with malware — don’t fall for these fake browser updates
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Latest in Malware & Adware
A person trying to set up a new Wi-Fi router
Thousands of TP-Link routers have been infected by a botnet to spread malware
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Green skull on smartphone screen.
Over 1 million Android devices infected with password-stealing, pre-installed botnet malware — how to stay safe
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
PayPal logo on iPhone
Watch out! Scammers are using this PayPal setting to take over your PC
A laptop displaying the Chrome logo
Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
Latest in News
iPhone 17 Air render
New leaked iPhone 17 dummy units show off super-thin iPhone 17 Air with this surprising design tweak
Simone Ashley and Hero Fiennes Tiffin in "Picture This" now streaming on Prime Video
Prime Video top 10 has 3 must-watch movies — including a bubbly romcom starring 'Bridgerton's' Simone Ashley
(L-R) Josh Hartnett as Cooper and Ariel Donoghue as Riley in "Trap"
Netflix top 10 movies — here’s the 3 worth watching right now
NYT Strands on a cellphone
NYT Strands today — hints, spangram and answers for game #379 (Monday, March 17 2025)
iOS 19 logo on an iPhone
Apple WWDC 2025: iOS 19 and everything we know so far
Siri
Siri 2.0 features reportedly only working ‘two-thirds to 80% of the time’