iPhone

Malware in Disguise: How Infected iPhone Apps Are Stealing Your Crypto Secrets

Researchers uncover the first known case of OCR malware on the App Store, secretly scanning users' screenshots for crypto wallet recovery phrases.
By Blip Tech 2 min read

Malware Found in iOS and Android Apps on Official Marketplaces

Researchers at Kaspersky have discovered a new form of malware that uses Optical Character Recognition (OCR) to scan users' photo libraries for sensitive information, such as recovery phrases for cryptocurrency wallets. This is the first known instance of such malware being found in apps available on Apple's App Store and Google Play.

How It Works:

  • Android Malware: The malicious module decrypts and launches an OCR plugin using Google’s ML Kit library to recognize text in images from the gallery. Images with specific keywords are sent to a command-and-control (C2) server.
  • iOS Malware: Similarly, the iOS version of the malware uses Google’s ML Kit for OCR, scanning the photo library for sensitive data and sending it to the C2 server.

Target Demographics:

  • The affected apps primarily target users in Asia and Europe.

Affected Apps:

  • Some of the apps appeared to be legitimate services, such as food delivery apps like ComeCome, while others were designed to lure victims. Examples include AI chat apps AnyGPT and WeTink.

Source of Infection:

  • Kaspersky could not confirm whether the infection was due to a supply chain attack or deliberate action by developers. Some apps, like food delivery services, seemed legitimate, while others were suspiciously designed to deceive users.

Current Status:

  • Several of these affected apps are still available for download on the App Store as of this report.

For more details, you can refer to Kaspersky's full report.

#iPhone

Latest News

Gaming

Praise the Sun: Dark Souls Trilogy Remake Rumored to be in Development

The legendary flame might be reignited as a new leak suggests the entire Dark Souls trilogy is getting a modern overhaul.

Nintendo

Indy's Heavy Baggage: Switch 2 File Size Revealed for Indiana Jones and the Great Circle

Prepare your storage for a whip-cracking adventure as the estimated footprint for Indiana Jones' newest quest on Nintendo's next-gen console comes to light.

Google

Gemini AI Sparking a Massive Smart Speaker Resurgence

The smart home landscape is set for a major transformation as Gemini AI prepares to power a new generation of both first-party and third-party hardware.

Security

Microsoft Defender Declares War on Trusted DigiCert Root Certificates

Windows users are facing a digital identity crisis as Microsoft Defender starts scrubbing legitimate DigiCert certificates after mislabeling them as malicious Trojans.

Apple

The End of the Entry-Level Era: Apple Pulls the $599 Mac Mini

Apple's most accessible desktop powerhouse just became a bit harder to snag as the $599 base model reaches its end of life.

Motorola

Motorola's Secret Weapon: The New Razr Leapfrogs Giants with Carbon-Silicon Power

A folding icon returns to lead the charge, introducing a revolutionary battery material that leaves competitors in the dust.

About Blip Tech

Blip Tech is your go-to source for fast, reliable technology news. We cover everything from the latest Apple and Google announcements to breakthroughs in artificial intelligence, new smartphone releases, computer hardware, and everyday tech tips and how-tos. Our mission is to keep you informed without the fluff — just the news you need, delivered clearly and concisely.