Apple Removed Apps Infested With Screen Reading Malware

by

Information on new "SparkCat" malware infesting a small number of iOS apps was shared yesterday by Kaspersky, and shortly after the report came out, Apple said that it pulled the offending apps from its App Stores in various countries.

iOS App Store General Feature JoeBlue
Some of the apps that had hidden malware included ComeCome, WeTink, and AnyGPT. 11 apps were removed in total, but when removing the apps, Apple says that it found another 89 with the same code that had been previously rejected or removed from the App Store for violating Apple's fraud policies. When an app is removed for fraud, Apple terminates the associated developer account.

As outlined by Kaspersky, the apps used a malicious framework with OCR capabilities designed to suss out sensitive information in images and screenshots stored on iPhones. Recovery phrases for crypto wallets were a specific target, with attackers aiming to steal bitcoin and other cryptocurrency, but the malware could target other phrases like passwords.

By default, Apple blocks access to a user's photos, so the apps would have needed express user consent to operate. If given permission to access a Photo Library, the apps could scan through the images to look for key phrases outlined by the attackers. If an image with a relevant phrase was found, it was uploaded to a remote server. Kaspersky found that the malware was likely targeting iOS users in Europe and Asia.

It is worth noting that Apple added granular control over the images that an app is able to access back in iOS 14, and there is an option to provide access to a limited number of images rather than an entire library. It is a good idea to avoid apps that seem sketchy, and to refrain from giving an app access to all of your images.

Apple also provides an App Privacy Report that outlines all of the instances when an app accesses sensitive data like location, images, camera, and microphone. The App Private Report can be found in the Privacy section of the Settings app.

Popular Stories

iOS 26

iOS 26.2 Available Next Month With These 8 New Features

Tuesday November 11, 2025 9:48 am PST by
Apple released the first iOS 26.2 beta last week. The upcoming update includes a handful of new features and changes on the iPhone, including a new Liquid Glass slider for the Lock Screen's clock, offline lyrics in Apple Music, and more. In a recent press release, Apple confirmed that iOS 26.2 will be released to all users in December, but it did not provide a specific release date....
Read Full Article68 comments
m1 chip slide

Five Years of Apple Silicon: M1 to M5 Performance Comparison

Monday November 10, 2025 1:08 pm PST by
Today marks the fifth anniversary of the Apple silicon chip that replaced Intel chips in Apple's Mac lineup. The first Apple silicon chip, the M1, was unveiled on November 10, 2020. The M1 debuted in the MacBook Air, Mac mini, and 13-inch MacBook Pro. The M1 chip was impressive when it launched, featuring the "world's fastest CPU core" and industry-leading performance per watt, and it's only ...
Read Full Article175 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 2, AirPods Pro 3, and AirPods 4

Thursday November 13, 2025 11:35 am PST by
Apple today released new firmware designed for the AirPods Pro 3, the AirPods 4, and the prior-generation AirPods Pro 2. The AirPods Pro 3 firmware is 8B25, while the AirPods Pro 2 and AirPods 4 firmware is 8B21, all up from the prior 8A358 firmware released in October. There's no word on what's include in the updated firmware, but the AirPods Pro 2, AirPods 4 with ANC, and AirPods Pro 3...
Read Full Article43 comments
iphone pocket%402x

Apple Debuts iPhone Pocket, a Limited Edition iPod Sock-Style Accessory

Tuesday November 11, 2025 1:23 am PST by
Apple has teamed up with Japanese fashion house ISSEY MIYAKE to launch iPhone Pocket, a 3D-knitted limited edition accessory designed to carry an iPhone, AirPods, and other everyday items. The accessory is like a stretchy pocket, not unlike an iPod Sock, but elongated to form a strap made of a ribbed, elastic textile that fully encloses an iPhone yet allows you to glimpse the display...
Read Full Article289 comments
homepod mini colors

New HomePod Mini Coming Soon With These Features

Tuesday November 11, 2025 7:30 am PST by
Apple is expected to announce a new HomePod mini imminently, headlining with new chips. Here are all of the new features we're expecting. The second-generation HomePod mini is highly likely to contain a more up-to-date chip for more advanced computational audio and improved responsiveness. The current HomePod mini is equipped with the Apple Watch Series 5's S5 chip from 2019. Apple is likely ...
Read Full Article119 comments
ios 26 digital id passport wallet

Apple Announces Launch of U.S. Passport Feature in iPhone's Wallet App

Wednesday November 12, 2025 9:15 am PST by
Apple today announced that iPhone users can now create a Digital ID in the Apple Wallet app based on information from their U.S. passport. To create and present a Digital ID based on a U.S. passport, you need: An iPhone 11 or later running iOS 26.1 or later, or an Apple Watch Series 6 or later running watchOS 26.1 or later Face ID or Touch ID and Bluetooth turned on An Apple Account ...
Read Full Article276 comments
homepod mini thumb feature

New HomePod Mini, Apple TV, and AirTag Were Expected This Year — Where Are They?

Wednesday November 12, 2025 11:42 am PST by
While it was rumored that Apple planned to release new versions of the HomePod mini, Apple TV, and AirTag this year, it is no longer clear if that will still happen. Back in January, Bloomberg's Mark Gurman said Apple planned to release new HomePod mini and Apple TV models "toward the end of the year," while he at one point expected a new AirTag to launch "around the middle of 2025." Yet,...
Read Full Article109 comments
Tesla Charging

Tesla Working to Add Apple CarPlay Support to Vehicles

Thursday November 13, 2025 8:31 am PST by
Tesla is working to add support for Apple CarPlay in its vehicles, Bloomberg's Mark Gurman reports. Tesla vehicles rely on its own infotainment software system, which integrates vehicle functions, navigation, music, web browsing, and more. The automaker has been an outlier in foregoing support for Apple CarPlay, which has otherwise become an industry standard feature, allowing users to...
Read Full Article262 comments
CarPlay Pinned Messages

iOS 26.2 Adds New CarPlay Setting

Thursday November 13, 2025 6:48 am PST by
iOS 26 extended pinned conversations in the Messages app to CarPlay, for quick access to your most frequent chats. However, some drivers may prefer the classic view with a list of individual conversations only, and Apple now lets users choose. Apple released the second beta of iOS 26.2 this week, and it introduces a new CarPlay setting for turning off pinned conversations in the Messages...
Read Full Article23 comments
iphone air thinness

iPhone Air Sales Are So Bad That Apple's Delaying the Next-Generation Version

Monday November 10, 2025 11:41 am PST by
The thin, light iPhone Air sold so poorly that Apple has decided to delay the launch of the next-generation iPhone Air that was scheduled to come out alongside the iPhone 18 Pro, reports The Information. Apple initially planned to release a new iPhone Air in fall 2026, but now that's not going to happen. Since the iPhone Air launched in September, there have been reports of poor sales...
Read Full Article578 comments

Top Rated Comments

HiVolt Avatar
HiVolt
10 months ago
How does Kaspersky find this and not Apple? if the same code was rejected or removed before how did these apps get approved?
Score: 15 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
10 months ago

How does Kaspersky find this and not Apple? if the same code was rejected or removed before how did these apps get approved?
Apple's claim that they carefully review all apps before approving them and that their App Store is 100% safe is an illusion.

No way Apple has enough resources to review all apps. The amount of employees and time needed to do this is ridiculously high.
Score: 10 Votes (Like | Disagree)
AppliedMicro Avatar
AppliedMicro
10 months ago

It is worth noting that Apple
“… when removing the apps, Apple found another 89 with the same code that had been previously rejected or removed from the ‌App Store‌ for violating Apple's fraud policies“
Score: 8 Votes (Like | Disagree)
UpsideDownEclair Avatar
UpsideDownEclair
10 months ago
Buh? But the App Store splash screen told ME it was a safe, trusted place!!!!!1!
Score: 7 Votes (Like | Disagree)
nt5672 Avatar
nt5672
10 months ago

How does Kaspersky find this and not Apple? if the same code was rejected or removed before how did these apps get approved?
Because Apple is all about image, not functionality.
Score: 6 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
10 months ago
11 apps were removed in total, but when removing the apps, Apple found another 89 with the same code that had been previously rejected or removed from the App Store
Well, that's just embarrassing.
Score: 6 Votes (Like | Disagree)
Read All Comments