A new malware, called SparkCat, has been discovered in the Apple App Store, in addition to the Google Play Store and some third-party stores.
SparkCat uses optical character recognition (OCR) to read any text from screenshots saved on a device, including account creation pages and codes for logins, usernames and passwords.
It primarily targets cryptocurrency wallets, but is also looking for other sensitive data.
Security experts have discovered infections in apps on all of the major app stores, affecting upwards of 250,000 users.
This is a significant find, as Apple’s app store is typically considered to have stringent security measures and is therefore protected from such attacks.
Apple devices are also vulnerable to SLAP and FLOP attacks via chip fault, which can enable hackers to access browser information, including iCloud and Gmail messages.
Researchers have found that Apple devices using A15 and A16 Bionic, A17 Pro, M2, M3 and M4 chips, from 2021 to the present day, are affected by this vulnerability.