Apple Removed Apps Infested With Screen Reading Malware

by

Information on new "SparkCat" malware infesting a small number of iOS apps was shared yesterday by Kaspersky, and shortly after the report came out, Apple said that it pulled the offending apps from its App Stores in various countries.

iOS App Store General Feature JoeBlue
Some of the apps that had hidden malware included ComeCome, WeTink, and AnyGPT. 11 apps were removed in total, but when removing the apps, Apple says that it found another 89 with the same code that had been previously rejected or removed from the App Store for violating Apple's fraud policies. When an app is removed for fraud, Apple terminates the associated developer account.

As outlined by Kaspersky, the apps used a malicious framework with OCR capabilities designed to suss out sensitive information in images and screenshots stored on iPhones. Recovery phrases for crypto wallets were a specific target, with attackers aiming to steal bitcoin and other cryptocurrency, but the malware could target other phrases like passwords.

By default, Apple blocks access to a user's photos, so the apps would have needed express user consent to operate. If given permission to access a Photo Library, the apps could scan through the images to look for key phrases outlined by the attackers. If an image with a relevant phrase was found, it was uploaded to a remote server. Kaspersky found that the malware was likely targeting iOS users in Europe and Asia.

It is worth noting that Apple added granular control over the images that an app is able to access back in iOS 14, and there is an option to provide access to a limited number of images rather than an entire library. It is a good idea to avoid apps that seem sketchy, and to refrain from giving an app access to all of your images.

Apple also provides an App Privacy Report that outlines all of the instances when an app accesses sensitive data like location, images, camera, and microphone. The App Private Report can be found in the Privacy section of the Settings app.

Popular Stories

ios 26 liquid glass lock screen beta 6

Apple Changes Liquid Glass Again in iOS 26 Beta 6

Monday August 11, 2025 12:09 pm PDT by
Apple is continuing to tweak the way that the Liquid Glass design looks ahead of the iOS 26 launch, and the latest beta makes a change to the Lock Screen. The Lock Screen clock has been updated with additional transparency, allowing more of the background to peek through. Beta 6 on left, beta 5 on right The clock also has more of a 3D, floating look, which is in line with the rest of the ...
Read Full Article187 comments
iPhone 17 Pro Dark Blue and Orange

iPhone 17 Pro to Start at $1,049 With Doubled Base Storage

Wednesday August 13, 2025 1:45 am PDT by
Apple's upcoming iPhone 17 Pro will have a starting price that is $50 more than the iPhone 16 Pro but it will come with a minimum 256GB of storage, doubling the base capacity compared to last year's model. The information comes from Chinese leaker Instant Digital, posting on Weibo. The account, which has 1.5 million followers, has now made the claim three separate times in recent weeks....
Read Full Article124 comments
Low Cost MacBook Feature A18 Pro

New 12.9-Inch MacBook Could Launch This Year Starting at $599

Monday August 11, 2025 1:38 am PDT by
Apple's rumored new more affordable MacBook could have a starting price as low as $599 and launch as soon as this year, according to a new report out of Asia. We first learned of Apple's low-cost MacBook plans in late June, when analyst Ming-Chi Kuo said the company was developing a "more affordable" 13-inch laptop that would compete with Chromebooks and drive MacBook purchases, though he...
Read Full Article284 comments
iPhone 17 Pro Feature Dual

When Will Apple Announce the iPhone 17 Event?

Tuesday August 12, 2025 12:46 pm PDT by
It is now mid-August, meaning that Apple's annual iPhone event is just around the corner. This year, Apple is expected to unveil the iPhone 17, the all-new iPhone 17 Air, the iPhone 17 Pro, and the iPhone 17 Pro Max. Here are some of the key rumors for those devices:iPhone 17: Same design as iPhone 16, but with an A19 chip, a larger 6.3-inch display, an upgraded 24-megapixel front camera, ...
Read Full Article38 comments
airpods pro 2 pinnk

iOS 26: 7 New AirPods Features

Friday August 8, 2025 12:31 pm PDT by
With iOS 26, Apple is bringing several new features to the AirPods, making them more useful than before. The added functionality will be available this fall when Apple releases iOS 26 and updated AirPods firmware, but you can test everything new right now. Camera Remote The AirPods can be used as a camera remote for the Camera app or third-party iOS camera apps. You'll need to enable the...
Read Full Article22 comments
Golden Apple Logo

Every Apple Secret That Leaked Yesterday

Thursday August 14, 2025 4:13 am PDT by
Apple made a major slip Wednesday when it accidentally included hardware identifiers in software code linking to numerous unannounced products. The leaked information provided MacRumors with concrete evidence of Apple's hardware development across multiple product categories. Here's everything that was confirmed through the code discoveries: New HomePod mini with updated chip – New...
Read Full Article50 comments
maxresdefault

Top 5 Features Coming to the Apple Watch Ultra 3

Tuesday August 12, 2025 11:48 am PDT by
We're just about a month away from Apple's annual September event, and we're going to get a new version of the Apple Watch Ultra for the first time since 2023. There are some useful new features rumored for the Apple Watch Ultra 3, which we've summarized below. Subscribe to the MacRumors YouTube channel for more videos. Satellite Connectivity - The Apple Watch Ultra 3 will be the first...
Read Full Article66 comments
iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

Alleged iPhone 17 Pro Chassis Offers First Look at All-Aluminum Body

Thursday August 14, 2025 3:40 am PDT by
An alleged iPhone 17 Pro production leak may provide a first look at the device's milled all-aluminum chassis, which this year includes the camera bump – in contrast to last year's iPhone 16 Pro model that features a glass camera module attached to an all-glass back panel. Originally shared by leaker Majin Bu, the image below could be of a moulding, but it still lines up with rumors that...
Read Full Article68 comments

Top Rated Comments

HiVolt Avatar
HiVolt
27 weeks ago
How does Kaspersky find this and not Apple? if the same code was rejected or removed before how did these apps get approved?
Score: 15 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
27 weeks ago

How does Kaspersky find this and not Apple? if the same code was rejected or removed before how did these apps get approved?
Apple's claim that they carefully review all apps before approving them and that their App Store is 100% safe is an illusion.

No way Apple has enough resources to review all apps. The amount of employees and time needed to do this is ridiculously high.
Score: 10 Votes (Like | Disagree)
AppliedMicro Avatar
AppliedMicro
27 weeks ago

It is worth noting that Apple
“… when removing the apps, Apple found another 89 with the same code that had been previously rejected or removed from the ‌App Store‌ for violating Apple's fraud policies“
Score: 8 Votes (Like | Disagree)
UpsideDownEclair Avatar
UpsideDownEclair
27 weeks ago
Buh? But the App Store splash screen told ME it was a safe, trusted place!!!!!1!
Score: 7 Votes (Like | Disagree)
nt5672 Avatar
nt5672
27 weeks ago

How does Kaspersky find this and not Apple? if the same code was rejected or removed before how did these apps get approved?
Because Apple is all about image, not functionality.
Score: 6 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
27 weeks ago
11 apps were removed in total, but when removing the apps, Apple found another 89 with the same code that had been previously rejected or removed from the App Store
Well, that's just embarrassing.
Score: 6 Votes (Like | Disagree)
Read All Comments