Recently, the cybersecurity company Kaspersky issued a warning, revealing that several applications on the App Store and Google Play platforms have been invaded by the malicious software "SparkCat", including the well-known Thai food delivery platform "Wukong Waimai". This malicious software steals personal privacy information by scanning the photo albums on users' devices, and may even steal virtual currency and bank account passwords.
Kaspersky's researchers stated that after obtaining user authorization, "SparkCat" malicious software will request access to the pictures and screenshots in the device. The software uses optical character recognition (OCR) technology to scan the contents of the album, filtering out sensitive information such as chat records, bank accounts, credit card information, etc., and may even steal users' virtual currency, causing serious financial losses to users.
The Thai Wukong Waimai App is also among the affected applications, and many users have reported unexplained thefts, now realizing that the problem is related to the Wukong Waimai App.
Currently, Kaspersky has published a complete list of affected applications, including 43 from the App Store and 10 from Google Play. In addition to Wukong Waimai, other involved applications include ATV Asia TV, VPN accelerators, and some blockchain-related applications, etc.
Cybersecurity experts remind users to be cautious about downloading and using applications of unknown origin, and to regularly check device permission settings to prevent privacy leaks and financial losses.
PS: The market is not good, these gray production apps have started harvesting!
