LIVE
Ripple Partners With SBI Group to Launch Stablecoin in JapanHyperliquid X Launches Portfolio Margin in BetaAnthropic Pre-IPO Futures Drop After Coinbase DebutEthereum Foundation Cut Staff, Slashed Budget 40%: ReportTelegram Traders See 80% Chance of Bitcoin Falling Below $55,000Charles Schwab Bitcoin Trading Rollout: What We KnowDOJ Seizes Huione Infrastructure Tied to Billions in Crypto LaunderingSBI Group Launches JPYSC, Japan's First Trust Bank-Backed Yen StablecoinTrump Signs Quantum Computing Orders as Bitcoin Security Fears RiseSOIL Eyes XRP Ledger Lending App After XLS-65, XLS-66 UpgradesRipple Partners With SBI Group to Launch Stablecoin in JapanHyperliquid X Launches Portfolio Margin in BetaAnthropic Pre-IPO Futures Drop After Coinbase DebutEthereum Foundation Cut Staff, Slashed Budget 40%: ReportTelegram Traders See 80% Chance of Bitcoin Falling Below $55,000Charles Schwab Bitcoin Trading Rollout: What We KnowDOJ Seizes Huione Infrastructure Tied to Billions in Crypto LaunderingSBI Group Launches JPYSC, Japan's First Trust Bank-Backed Yen StablecoinTrump Signs Quantum Computing Orders as Bitcoin Security Fears RiseSOIL Eyes XRP Ledger Lending App After XLS-65, XLS-66 Upgrades
Thursday, June 25, 2026

BLOCKCHAIN • CRYPTOCURRENCY • NARRATIVE JOURNALISM

Homepage/News/Kaspersky Identifies SparkKitty Malware Targeting Crypto Seed Phrases
NEWS

Kaspersky Identifies SparkKitty Malware Targeting Crypto Seed Phrases

BY Solomon M.·2 MIN READ·JUNE 24, 2025

Kaspersky has identified a new malware, SparkKitty, which targets cryptocurrency users in Southeast Asia and China by stealing screenshots of seed phrases from infected mobile devices.

KEY FINDINGS - EVIDENCE LEVEL: MULTI-SOURCE
4Key sections mapped in this report
0Internal references connected to related coverage
5External source domains cited in the article
2 minEstimated time to read the full report
Key Points:
  • Kaspersky discovers SparkKitty malware targeting crypto users’ seed phrases.
  • Affects users in Southeast Asia and China.
  • Steals device screenshots, risking crypto asset security.
kaspersky-identifies-new-malware-sparkkitty-targeting-crypto-users
Kaspersky Identifies New Malware SparkKitty Targeting Crypto Users

Investigation and Industry Response

Kaspersky researchers Sergey Puzan and Dmitry Kalinin have led the investigation into SparkKitty, which follows the earlier SparkCat campaign. Apple and Google have been alerted and have removed apps linked to the activity. The purpose of SparkKitty revolves around the bulk theft of crypto-related screenshots, posing significant risks to users storing sensitive images on mobile devices. Sergey Puzan, Analyst, Kaspersky, stated, “Although we suspect the attackers’ main goal is to find screenshots of crypto wallet seed phrases, other sensitive data could also be present in the stolen images.”

Geographical Impact and Precautions

Unidentified attackers are believed to be behind SparkKitty, aiming at users in Southeast Asia and China. Both tech giants, Google and Apple, have responded by removing affected applications from their platforms. The malware’s presence underscores the urgent need for users to safeguard seed phrases physically rather than digitally.

Security Strategies for Crypto Users

Immediate concerns within the impacted regions focus on adopting stronger data protection strategies. Crypto wallets using seed phrases are at risk, potentially affecting all digital tokens held in self-custodial mobile wallets. The community stresses the importance of implementing non-digital means of secure storage to protect asset integrity.

Implications and Future Measures

The absence of on-chain disruptions or market-level impacts suggests that SparkKitty’s threat primarily lies in personal security breaches. Historical data shows a pattern of OCR-based attacks targeting seed phrases as a lucrative method for cybercriminals in similar cases, advising caution moving forward. For further insights, incorporating historical data related to malware like SparkCat can provide guidance on addressing similar security challenges. Enhanced cybersecurity measures and awareness can mitigate potential theft, as the crypto industry continues to evolve with these threats.
Disclaimer:

The content on The CCPress is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions.

SOURCE TRANSPARENCY
  • External Source - Referenced domain: kaspersky.com
  • External Source - Referenced domain: blog.google
  • External Source - Referenced domain: apple.com
  • External Source - Referenced domain: csoonline.com
  • Byline - Reported by Solomon M.
  • Coverage Desk - Primary editorial category: News
NEWS

More from News