A new threat in the world of digital assets has emerged. Security researchers have discovered sophisticated malware designed specifically to go to cryptocurrency wallets on mobile devices, including both iOS and Android. As cryptographic adoption grows worldwide, this attack highlights how cybercriminals are becoming increasingly aggressive by attacking digital assets.
A new threat: malware difficult to detect
The malware was first identified by cybersecurity teams that work closely with the blockchain industry. Unlike previous threats that focused mainly on desktop environments, this malware is designed to exploit safety holes in mobile operating systems and wallet applications.
According to the reports of BeincyptoThis malware can:
-
Steal user seed phrases
-
Keyboard Registration Activity
-
Monitor the clipboard to capture wallet addresses during copy shares
-
Send data to remote servers without the knowledge of the victim
Even more worrying, malware can disguise themselves as legitimate applications or false updates of the system, which makes regular users detect.
🚨 Ti Ti Ti 🚨
A new malware called #Sparkkitty That steals all infected iOS & Android devices, looking for cryptographic wallet seeds.
⚠️ delivered through:
🔸 “币 币 Coin” (App Store)
🔸 “Soex” (Google Play, 10k+ facilities, now eliminated)
🔸 Casino applications, adult … pic.twitter.com/47WDC8L6TQ– Slowmist (@slowmist_team) June 24, 2025
The main objectives: popular wallets and cryptographic applications
The researchers indicated that this malware is specifically directed to popular wallet applications such as Trust wallet, Metamascaand Wallet. It also focuses on encryption exchange applications and defi platforms.
Malware extends through:
-
False websites that mimic official pages
-
Phishing links on social networks and messaging applications
-
Malicious APK files installed outside Google Play store
Why this attack is so dangerous
Unlike typical malware that causes minor interruptions, this attack directly threatens valuable assets: its Crypto Holdings. With stolen seed phrases or private keys, computer pirates can easily drain the victims’ wallets.
The attack is particularly dangerous because:
-
It requires a minimal interaction of the victims once installed
-
Block chain transactions are anonymous and irreversible
-
It can extend rapidly through unofficial application distribution channels
How to protect your cryptographic assets
Here are essential steps to minimize risk:
-
Avoid installing applications from unofficial sources (use only play store or app store)
-
Regularly verify application permissions
Our researchers discovered #Sparkkittya stealthy Trojan addressed to both #Ios and #Android devices
Capture images and data of infected phone devices and transmits them to the attackers. The Trojan was integrated into applications related to #Cryptogame and even a Trojan … pic.twitter.com/2CJJSWCPEO
– Kaspersky (@kaspersky) June 24, 2025
-
Enable two factors authentication (2FA)
-
Use hardware wallets for large assets.
-
Keep your operating system and updated applications
-
Never share your sentence of private seeds or keys with anyone
Experts also advise to keep alert for suspicious emails, SMS messages or chat applications links, especially those that offer “free cryptography” or claim to be official sources.
Expert insights: a complex and evolving threat
According to cybersecurity analysts, this type of attack indicates a new stage in the evolution of cybercrime. “Computer pirates are exploiting the sense of user security when it comes to mobile devices. The reality is that threats on mobile devices are now so serious, if not more serious, than on the desk”,
FFF
This attack also serves as a reminder that cryptographic security is not just about blockchain technology, but that it is about how users protect access to their assets.
What this means for the cryptographic world
Such attacks could undermine public trust in digital assets, especially among new users. However, the cryptographic community is working continuously at:
Conclusion: Stay vigilant, stay safe
Crypto opens huge opportunities in the digital age, but also comes with risks that must be administered wisely. This new malware is a attention call for all cryptography users: the guard never lets out.
Protect your assets with best security practices and be careful with suspicious applications or links.
