A sophisticated malware campaign is targeting both iOS and Android users by hiding within seemingly legitimate apps. This malware uses Optical Character Recognition (OCR) to scan screenshots saved on devices, extracting sensitive information like crypto wallet recovery phrases, login credentials, and payment details. The malware bypasses app store security checks by operating stealthily and spreading through deceptive updates or compromised software development kits (SDKs). While Apple and Google have removed identified malicious apps, the incident highlights vulnerabilities in app store security.
Users are advised to install strong antivirus software, download apps from trusted developers, carefully review app permissions, keep devices and apps updated, and be wary of apps making unrealistic promises. This campaign underscores the need for enhanced security measures and vigilance to protect against evolving cyber threats on mobile platforms globally.