Warning: New malware steals photos on iPhone and Android

Whether you have an iPhone or an Android phone, chances are your device is filled with a ton of personal, financial, and other sensitive data. While most people worry about password theft, a new strain of malware shows hackers are also targeting an unlikely target: your photo library.

According to BleepingComputer, the latest cyberattack campaign is using SparkKitty malware to access and steal all photos stored on infected devices, including existing photos and newly taken photos. Notably, the campaign affects both iPhones and Androids, and according to a report from security firm Kaspersky, it has been quietly operating since February of last year.

What's worrying is that SparkKitty not only hides in malicious apps downloaded from third-party sources, but also infiltrates both official app stores, the Apple App Store and the Google Play Store.

In addition, Kaspersky also discovered fake TikTok clones, gambling apps, adult games, and even online casino apps used as vehicles to spread SparkKitty.

SparkKitty operates differently on each platform:

On iPhones, the malware is embedded in fake apps, often through “enterprise profiles” — a technique for installing apps outside the App Store. When the app launches, the malware automatically activates.

On Android, the malware is embedded in an app written in Java or Kotlin, and is triggered when the user opens the app or performs a specific action. The app typically requests storage permission, which gives it access to all stored photos.

Once it has permissions, SparkKitty proceeds to scan the photo library to extract data, focusing specifically on screenshots – a seemingly convenient habit that turns out to be a serious security vulnerability.

How to avoid malware hidden in mobile apps

Today, malware is not only spread through phishing links or email attachments, but also often hidden in apps, even on official app stores like Google Play or the App Store. This makes app downloads one of the most common ways for hackers to spread malware and steal user data.

To minimize risk, users need to be especially cautious before installing any application on their phone. Start by carefully reviewing the application's reviews, ratings, and number of downloads.

However, it is important to note that app store reviews can be completely fake, so it is advisable to check out reviews from reputable tech sites or video reviews where you can see the app in action firsthand.

One important rule that should not be overlooked is to limit the number of apps installed on your device. The fewer apps you have, the less likely you are to accidentally install a fake app or a legitimate app that has been infected with malware through updates.

Before installing a new app, ask yourself if you really need it. It may be that a pre-installed app or current operating system feature already meets your needs.

Additionally, you should avoid downloading apps from third-party or unofficial stores unless you fully understand the risks. Major app stores like the App Store or Google Play Store have strict security review processes, while unofficial platforms are often where malware lurks.

For Android users, make sure Google Play Protect is enabled. This is a built-in security tool that periodically scans your apps for unusual behavior. Paired with a reputable Android antivirus, you have an extra layer of protection.

Meanwhile, iPhone users can use Mac malware scanning tools like Intego, but they need to connect the device to the Mac via a cable to perform the scan.

Equally important is to share this security knowledge with loved ones, especially children and the elderly - who are vulnerable to falling victim to malicious applications.

While malware continues to grow in sophistication and unpredictability, with a few simple precautions, you can avoid most of the risks. In the digital age, being careful when installing apps is the first step to protecting your family’s personal data and online safety.