New Account Theft Method Revealed, Instantly Wiped Out of Accounts

Jakarta, CNBC Indonesia –With the changing times, it’s clear you need to be extra cautious when using the internet. New methods are constantly emerging, aiming to take over and drain your account.

One such method discovered involves a request for crypto account recovery. This serves as a gateway for malware called SparkKitty.

Kaspersky identified this malware in January 2025. SparkKitty was found to have been distributed extensively through both the Play Store and App Store since February 2024, as well as through unofficial channels.

One example of an infected app is Soex. The app, downloaded more than 10,000 times on the Play Store, is a messaging service with crypto trading and exchange features.

Victims who download the app will request permission to access and modify the image library on their iOS and Android devices. Once access is granted, the app will re-scan for changes, such as added or deleted images.

SparKitty is equipped with optical character recognition. Its purpose is to scan user photos and collect phrases generated on crypto exchange apps for account recovery.

Tech Radar reports that there’s another risk that attackers might use other images in the library to threaten victims. However, there’s no evidence of such a threat yet.

One way to prevent falling victim is to ensure that the apps you download come from trusted developers. Also, check reviews to see if they’re trustworthy; if not, don’t install them on your phone.

You should also be wary of apps that request more permissions than necessary, including permissions for configuration profiles or new certificates.

Finally, when creating an account recovery phrase, be sure to store it in a secure location, such as a trusted cloud storage or password manager.SOURCE : CNBC INDONESIA