Researchers have recently uncovered a worrying trend in mobile marketing - malicious apps containing malware have made their way onto both Apple's iOS App Store and Google's Play Store. Specifically, they've found a type of photo-scanning malware called SparkCat that targets cryptocurrency users by stealing recovery phrases from digital wallets.

SparkCat is a sophisticated malicious framework designed to scan images on your device for specific keywords, such as crypto wallet recovery phrases. This means if you have any screenshots containing these phrases, the malware can identify them and send them back to the attackers. The researchers at Kaspersky discovered this malware in several apps that were available on both iOS and Android platforms.

One of the first apps to raise suspicions was a Chinese food delivery app called ComeCome. Although it's been removed from both app stores, it marked the first known instance of OCR (optical character recognition) malware appearing on Apple's App Store. The researchers also found other apps with similar malicious frameworks, including AI messaging services like WeTink and AnyGPT.

What makes this mobile marketing threat even more concerning is that some of these apps may not even be using the malware intentionally. Malicious actors can hijack an app and embed the malware without the developers realizing it. This highlights the importance of exercising caution when downloading new apps, even from official app stores.

If you've installed any of these affected apps on your iPhone or Android, delete them immediately. Even if the developers didn't add the malicious framework intentionally, the apps are no longer safe to keep on your device. It's also essential to clean out your images folder and delete any sensitive information, such as crypto wallet recovery phrases.

To stay ahead of mobile marketing threats like SparkCat, always review an app's page before installing it, including reviews, description, and screenshots. Be wary of generic AI apps that seem too good to be true, as they may be hiding malicious code. By being informed and cautious, you can protect your device from these types of attacks.

This article was updated on Friday, Feb. 7, to reflect that Apple and Google have removed the named malicious apps from their app stores.