Tatawwor SparkCat: Version jdida dyal Malware dkhlat l-App Store w Google Play bach tkhon kalamat sser dyal l-Crypto
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Tatawwor SparkCat: Version jdida dyal Malware dkhlat l-App Store w Google Play bach tkhon kalamat sser dyal l-Crypto
TL;DR (L-kholasa)
T-kchefat version jdida w mtowra dyal trojan SparkCat f Apple App Store w Google Play Store. Had l-malware mat-itkhaba f applikasyounat li kibanou 3adiyyin bhal l-messengers w khidamat tawssil l-makla، w kay-khdem b-teqniyat l-pass li sawar (OCR) bach y-skanni t-swar dyal l-ustikhdimin w y-qlleb 3la kalamat l-istirja3 (recovery phrases) dyal l-wallets dl-cryptocurrency bach y-syfthom l-servers dyal l-hackers.
Rjou3 SparkCat
L-khoubara dyal l-amn s-syberni f Kaspersky lqaw version jdida dyal SparkCat، li kat-3tabar tatawwor kbir men nhar t-ktaf l-marra l-lowla f fbrayer 2025. Wakha houwa khatar lli ma3rouf، had l-malware qder y-douz men l-moraqaba dyal Apple w Google w ywssel l-ustikhdimin f l-stores r-rasmiyya.
Had l-malware kay-khdem b-tnariyt "Trojan" (Hasane t-rouada)، ya3ni kay-khbi l-hadaf l-khabit dyalo f وسط applikasyounat kibanou mzyanin. L-ba-hitin lqaw SparkCat f:
- Applikasyounat d-comunnikasyoun l-charikat.
- Khidamat tawssil l-makla (Food delivery).
Taqniyat Mtowra
Had l-version l-khra dyal SparkCat kat-biyyen wahed l-mostawa 3ali dyal l-ihtirafiya، khousousan f Android. Bach y-thrbou men d-detecteurs dyal l-khoubara w s-scanners l-automatikiyin، l-moktarri3in zadou chi mizzat mtowra:
- Code Virtualization (Iftirad l-kod): Kay-kherbqou l-kod bach y-khalliw l-handassa l-3aksiya (reverse engineering) t-koun s3iba bzaf.
- Cross-Platform Languages: Khdamou b-loghat dyal l-programmasyoun li kakhdem f ga3 l-andima (iOS w Android) bach y-nashrouh dghya w y-tjanbou l-tahlil l-taqlidi.
- Obfuscation Layers (Tabaqat t-tamwih): T-tabaqat dyal l-hmiya bach y-khbbiw l-hadaf l-haqiqi dyal l-malware men l-procotolat dyal l-amn dyal t-tilifounat.
Stiratijiyat l-Istihdaf: OCR w Scan dyal t-Swar
L-hadaf l-asassi dyal SparkCat houwa s-serqa dyal l-ma3loumat d-dkhol l-cryptocurrency. Bach y-dir hadchi، kay-tlbe l-permission bach ywssel l-galerie d-tswar—li hiya permission 3adiya f apps dyal l-messagerie wala tawssil l-makla.
Ghir kay-khod l-permission، l-malware kay-khdem b-wahed l-module smito Optical Character Recognition (OCR) bach "yqra" n-nass li wast t-swar li m-stokkyin 3nd l-utilisateur. Kay-qlleb khousousan 3la kalamat miftahiya li 3ndha 3alaqa b- "mnemonic phrases" (seed phrases) dyal l-wallets dl-crypto.
Ikhtilafat Jihawiya f l-Istihdaf
Wakha had l-hamla kiban mura-ha operator kay-hdar b-chinwiya، l-istihdaf kay-khtalef 3la hsab l-platform:
- Version dyal Android: Kat-qlleb khousousan 3la kalamat b-l-japponiya، l-koriya، w l-chinwiya، hadchi kay-biyyen beli m-rkzin 3la s-souq l-asiwi.
- Version dyal iOS: Kat-qlleb 3la kalamat sser b-l-onlgiziya. Hit l-onlgiziya hiya l-logha l-3alamiya f l-crypto recovery phrases، Kaspersky k-t-haddar beli l-version dyal iOS 3ndha "qdrat l-wsoul kbar"، w t-qder t-drrab l-ustikhdimin f ay blassa f l-3alam.
L-iktichaf w l-asl
Kaspersky akdat beli lqat joj dyal l-apps m-infectyin f Apple App Store w wahed f Google Play Store. Sergey Puzan، l-bahit f Kaspersky، qal beli t-tchaboh mabin had l-3ayinat l-jdad w hadouk li t-lqaw f bdayet 2025 kay-biyyen beli nafss l-groupe dyal l-developers houwa li mura had rjou3.
"Had l-variant l-m-towra dyal SparkCat kat-tleb l-permission dyal t-swar f t-tilifoun f chi halat... Kat-hyellel n-nass f t-swar b-istighlal module dyal OCR"، hadchi li qal Puzan l-The Hacker News. Ila lqat kalamat m-tatabqa، t-tswira l-hassasa kat-tsift dghya l-hackers.
Kifach t-hmi rassek
Rjou3 SparkCat l-stores r-rasmiyya kay-biyyen beli hta l-apps "l-muwattaqa" tqder t-koun khatar. Khoubara l-amn kay-nashou b:
- Moraqabat Permissions dyal t-Swar: Red balek men l-apps li kay-tlbou l-wsoul l-galerie d-tswar w houma ma-m-htajinhach f l-khidma dyalhom l-asassiya.
- Ma-tkhbich l-Seed Phrases f t-Swar: Matsowarsh abadan kalamat l-istirja3 dyal l-crypto dyalk w tkhabihom f t-tilifoun aw f l-cloud.
- Solutions dyal Mobile Security: Khdem b-programmat dl-amn dyal l-mobile li ma3roufin bach t-detecti w t-bloqui l-malware bhal SparkCat.
L-masdar: https://thehackernews.com/2026/04/new-sparkcat-variant-in-ios-android.html