Be Careful Which Mobile Apps You Install

[Pmalek]

Many people nowadays install mobile apps for all kinds of things. However, some of these apps can be dangerous and contain nasty surprises. The team behind Kaspersky Lab discovered several applications with malicious intentions.

More precisely, these apps scanned photos from phone galleries, looking for recovery phrases to steal. If you are thinking, I am not taking pictures of seed phrases, so this can’t happen to me. Think again!

Consider all the permissions you give the apps you install. Many ask to view your messages, check your contacts, manage audio/video on your phone, and much more.

Your keys and seeds shouldn’t be saved on your phone or the apps installed on it in any form. Keep them offline for better security.

What Kaspersky Lab Found?

They found several genuine Android and iOS apps that contained the trojan stealer SparkCat that stole seeds saved as photos. The infected apps include food delivery services and AI apps. The apps passed initial security checks and were downloaded over 250,000 times before SparkCat was discovered.

-   Don’t install apps you don’t need and just for fun.
-   Stay away from brand-new apps.
-   If you can use a service from its website, do that. An app isn’t always necessary.


More information is available here:
https://x.com/KeystoneWallet/status/1890425042162311487

[Mia Chloe]

~snip

The biggest problem with installing malicious apps or apps that have some malicious properties is actually the kind of administrator and system permissions you Grant them during installation. The problem is most times when newbies install applications on their devices the usually don't even read the prompt they get and end up giving permissions to every single request the app makes and in the end the app is granted some odd permissions without their notice.

Another problem we have is the number of closed source softwares out there far more than the number of open source software out there. As a result it can be quite difficult to know what is going on back end.

For the problem of granting apps permissions most companies with
devices that run on android have made a few upgrades in later versions of Android to reduce the risk of privacy invasion like when some devices like your camera or microphone is being used the system always notifies you with a small indicator at the top of your screen.

For permissions sometimes you get the prompt on later version of Android to allow permissions to that app for only that particular usage after which the permission will be removed from the app immediately after you exit.

[Bitcoin Smith]

Looks like we already have a thread about that malware: SparkCat Trojan steals personal data from Android and iOS

Apart from these malicious apps, every app we have in our devices act as some kind of spyware which includes Google's official app. For example whenever we search something on the browser we will be shown a product or service related to our search in different approach is just enough proof that we are owning spywares.

Never trust a device that's connected to internet.

[Pmalek]

The problem is most times when newbies install applications on their devices the usually don't even read the prompt they get and end up giving permissions to every single request the app makes and in the end the app is granted some odd permissions without their notice.

You often don't have a choice. If you want to use a specific app, you will have to give it the permissions it requires otherwise it won't run or you won't be able to use some/most of its features. It's similar to the privacy policies and terms and conditions. When you open a mobile app for the first time, you are asked to accept them. If you refuse, the app simply closes and you can't use it before accepting the T&C. In such situations, most people will give in and click whatever is needed to be able to use the app.

[Ammar M. A.]

Always writing phrases on a piece of paper for security purposes, I also know that downloading & installing APKs from external sources is dangerous, but what is different about this case is the applications come from the trusted Playstore. In fact, my main reference when installing an APK on my smartphone is trusted stores like Playstore. Hearing this news made me a little worried.

- Ammar M. A.

[hugeblack]

The problem is that despite the large number of downloads, it cannot be said that the applications are safe, especially for beginners, as I know many people trust cloud services with their banking data and wallet seeds.
AI applications will be the next target for these hackers.

[Maslate]

We have a similar topic created 7 days ago.

SparkCat Trojan steals personal data from Android and iOS

This type of information is pretty new but we are aware now, so I'm really thankful to the forum members who share it. Most of us just install apps from Google or the App Store, trusting that they're verified without knowing the app we are using is already infected by the SparkCat trojan.

[GreatArkansas]

People must always remember now even what kind of operating system they will use, the danger is always there because I see a lot of people that say, "Use IOS", "use macOS", "use that OS", etc.
So for me, even what kind of operation you will use, you can't really eliminate 100% of hacks/scams.

[DPHOR]

If say this I wouldn't argue with you for an reasons as I have witnessed an app I downloaded yesterday night and it started asking for several permissions from my phone such; video, audio, messages and images, and I was like why would this app ask for such authorization from me. I wasn't that comfortable with it and I had to uninstall it and ask the friend who asked me to install if these app asked for those permissions while he downloaded it.

The worst one is download a app we don't know anything about them could be very dangerous, but if we have a known them before downloading it would be that easier for us to fetch out whenever their seems to be something phishing anywhere within the app.

Anyway, thanks for the information and education.

[Victorybit1]

Many people don't know the dangers of most some of these apps they download, I remember when my phone crashed after downloading some certain applications. Some mobile apps comes with viruses and others were being created by hackers to get your details or hack into your device. You shouldn't just make use of every application you come across especially if they are ot found on the apps store. And I also observed that a lot of apps have duplicates, people make a fake version of the original to scam people. Always be cautious of what you download.

[Amphenomenon]

The problem is that despite the large number of downloads, it cannot be said that the applications are safe, especially for beginners, as I know many people trust cloud services with their banking data and wallet seeds.
AI applications will be the next target for these hackers.

Unfortunately Ai chat bot are already being used for such malicious purposes and they were other said legitimate food app Comecome having such malware.

All this were provided in the research by Kaspersky Lab and discussion about them were made on this thread https://bitcointalk.org/index.php?topic=5529464.msg65039422#msg65039422

[Pmalek]

Most of us just install apps from Google or the App Store, trusting that they're verified without knowing the app we are using is already infected by the SparkCat trojan.

Google does very little in terms of security checks and verifying the legitimacy of the apps that get published there. They are interested in having the developers pay the publishing fee and that's it. Apple takes its job a bit more seriously, and you don't see that many fake apps appear there. It also costs more money to have an app published on the App Store compared to the Play Store and Apple requires an annual fee while Google doesn't. Regardless of everything, you shouldn't blindly trust any apps and stay away from them if it isn't something you really need.

[hd49728]

Many people nowadays install mobile apps for all kinds of things. However, some of these apps can be dangerous and contain nasty surprises. The team behind Kaspersky Lab discovered several applications with malicious intentions.

Not only with mobile but also with desktop or laptop.

Don't arbitrarily install any app or software, you will be trapped.
A senior Bitcoin developer Luke Dashjr was hacked and lost bitcoin by installing one or some softwares.
Bitcoin developer @lukedashjr's wallet was hacked
https://x.com/LukeDashjr/status/1609613748364509184
https://x.com/peterktodd/status/1609655629903265795

FYI I've confirmed that this is real and not a Twitter hack via a mutual friend.

IIUC he used Gentoo as his desktop and didn't keep different activities separated. So backdoored software is one of many ways this could happen; he may not have been targeted.

[Stepstowealth]

More precisely, these apps scanned photos from phone galleries, looking for recovery phrases to steal. If you are thinking, I am not taking pictures of seed phrases, so this can’t happen to me. Think again!

Consider all the permissions you give the apps you install. Many ask to view your messages, check your contacts, manage audio/video on your phone, and much more.

I usually use to be the hurry to click and grant permission to any app that I download on the Internet but now with these new information in circulation, I will be more cautious now. I maybe have not fallen victim to this sort of malware because I do not download random apps on the Internet and for any app that I'm looking for specifically to download it is based on recommendation. also, I think it is unnecessary to have and keep applications on your phone that you no longer use.

The caution should not just be with new apps that you download, but with old applications that we have that require an update.

[JiiBs]

Is there an Electrum wallet app for iOS mobile devices?
The one I did see looked like a clone wallet, I wasn’t quite comfortable with it and as such, I prefer to be safe than take any chances with it and distanced myself from it.

The thread just jinxed my memory to what’s been the experience and I just have to put it out here.
Can’t play with my money, I’m sure y’all do understand what world we live in now.

[Alone055]

Generally, a person shouldn't use a device for financial data or apps, which they use to download all sorts of stuff, play games, use apps, and do everything that they do on a daily basis, either for work, entertainment or any other purpose. There should be separate devices for both, or one should at least keep their data somewhere else even if they use the apps on the same device so that other apps don't get to access the data.

People often overlook this, but it's a serious issue. I have seen people downloading games from unknown and untrustworthy sources for fun while having financial application in the same device, I have also seen people taking screenshots of their seed phrases because they are too lazy to write them down and keep them somewhere safe, but if it's a person who knows they are going to have funds in those accounts, they should know this is a risky thing to do.

[mindrust]

It is better to avoid any apps which you don’t really need. Unless it if from the big tech, I rarely install new apps. I am on IOS and it is still not a fully safe environment. I think it is best to save seed words written on paper and a usb disk for backup. Unless you are incredibly careless or/and unlucky, you can’t fail with this combination. Definitely don’t put any trust in your phone. That’s probably one of the stupidest thing one can do.

Crypto doesn’t forgive carelessness or stupidity. Once you lose your coins they will be gone forever

[nakamura12]

Looks like we already have a thread about that malware: SparkCat Trojan steals personal data from Android and iOS

Apart from these malicious apps, every app we have in our devices act as some kind of spyware which includes Google's official app. For example whenever we search something on the browser we will be shown a product or service related to our search in different approach is just enough proof that we are owning spywares.

Never trust a device that's connected to internet.

Yeah I have read it before. About the app, it also shows your location even if you didn't turn on the gps location just like what you said about the product or service that will be shown when you search on the internet. We should always think that no matter what you do on a device that is connected to the Internet there's always something that gathers personal data or personal things that people may like that's why there's always a product or service that the browser shows base on the information they gather about you.

[PX-Z]

No doubt, "AI" tools where taken advantage of because of how lazy people (or whatever do you call them) getting hype of the works of "AI" especially in photo or video editing to be posted on social media, there are lots of apps like them. If some of these kind of apps where installed on the device no doubt it will be easily hack and infected.

[Saint-loup]

It's concerning because sometimes you need to take a photo or a screenshot of the QR-code of the 2FA key. And unfortunately with AI I think one day malwares will be able to guess from which exchange or casino those 2FA key QR-code are with the name of the file or the directory it belongs to and/or with some elements in the picture without the help of any human, so hackers will be able to handle attacks on large scales (thousands machines or even more) simultaneously, they will even be able to get things they wouldn't be able to guess otherwise.