SEE TOO Most Read
ON THE HIGH Tags
Understand how Sparkcat, the first iPhone virus, works (and how to protect yourself)
6 minutes reading

How SparkCat, the new iPhone virus that scans your photos, works

Alexandre Marques Avatar
Alexandre Marques
February 13, 2025
Present in apps from the App Store, it is capable of analyzing images and screenshots from the iPhone. See how to protect yourself
Table of Contents
  1. How SparkCat Works
  2. How to identify the virus
  3. Recommendations to protect yourself against SparkCat:
    1. Keep your iPhone's iOS up to date
    2. Update your apps on the App Store
    3. Avoid downloading unknown apps
    4. Avoid capturing screenshots with sensitive information
    5. Discover more about Showmetech

O SparkCat is a new virus identified for devices iOS, that is, the iPhones from Apple. It was discovered by the security firm Kaspersky, in applications downloaded by App Store, and its role consists of analyzing images and screenshots stored on your smartphone to search for sensitive information such as passwords and financial data. In this text, we will explain how the new virus works and explore the best practices to ensure the security of your iPhone. Check out:

How SparkCat Works

Image of an iPhone with several photos on the screen.
SparkCat uses an optical character recognition (OCR) module to scan and extract sensitive information from images stored on the device. Photo: Reproduction / Forbes Brazil.

O SparkCat is an Trojan — a type of malware that disguises itself as legitimate software to trick the user into allowing unauthorized access to the system specially developed for devices iOS. Discovered by Kaspersky, one of the leaders in cybersecurity, it represents a milestone in the evolution of digital threats targeting the company's products. Apple , known for their robust security. This malware (any malicious software designed to infect, damage, or gain unauthorized access to devices and systems) was initially identified in applications downloaded from App Store, raising concerns about the security of even the most trusted platforms.

Despite research, it is still unclear how the SparkCat managed to access the virtual stores of Google and the Apple . Once installed through a compromised application, the virus — which is a type of malware that attaches itself to legitimate files or programs and automatically replicates itself to infect other systems — usually asks the user for permission to view photos in their smartphone's gallery. This step is crucial for the operation of the SparkCat, as it allows it to scan and decode images and screenshots stored on the device.

O SparkCat uses a “optical character recognition module” (OCR) to analyze the text present in stored images. This module can identify and extract sensitive information, such as Passwords, financial data and other personal details that can be exploited by cybercriminals. The sophistication of OCR makes it SparkCat a particularly worrying threat as it increases the accuracy and efficiency of the malware in data collection.

A Kaspersky identified that the SparkChat was present in several popular applications. Among them, WeTink, an artificial intelligence chat application; the AnyGPT, another AI chatbot; and the ComeCome, a food delivery app. These apps, when downloaded and used, could expose users to risks such as the leaking of personal and financial information.

Until then, the main targets of the invasions of SparkCat are users located in the Emirados Arabes Unidos, the Europe and Asia, as Kaspersky researchers point out. However, the company warns that victims may also be spread across other countries, expanding the potential reach of this threat.

How to identify the virus

2. Mobile app with colorful icons on a touchscreen, focusing on technology and innovation.
Identifying SparkCat can be challenging due to the seemingly legitimate permissions it requests and its ability to operate without obvious signs of infection. Photo: Reproduction / Freepik.

Identify the virus SparkCat can be a challenging task due to its sophisticated features. According to Kaspersky, SparkCat is endowed with unique characteristics that make it particularly dangerous. Its ability to access official app stores and its discreet operation, which shows no obvious signs of infection, make it difficult for both online store moderators and regular users to detect. This means that it can remain hidden, operating silently in the background and collecting information without being noticed.

Another factor that complicates the identification of SparkCat are the permissions requested by virus, which often appear legitimate and reasonable to the user. The malware requests access to the smartphone's photo gallery, a permission that can easily be interpreted as necessary for the app to function properly. This request for access usually occurs in contexts that seem relevant, such as when the user is using customer support features or other features that justify the use of the image gallery, making it less suspicious.

The gallery access that the malware attempts to obtain may seem essential to the proper functioning of the application from the user's perspective. This permission is typically requested in relevant contexts, such as when users contact customer support.

Dmitry Kalinin, analyst at Kaspersky.
Photo of privacy settings on iPhone with options for controlling data and access to photos.
Through your iPhone's settings, you can prevent certain apps from having permission to access your photos, which prevents scams like those generated by SparkChat. Photo: Reproduction / Mac Maga.zine

Furthermore, the SparkCat uses advanced obfuscation techniques to avoid detection by conventional security programs. It employs methods that allow it to operate stealthily, meaning that it does not exhibit anomalous behavior that could alert the user or security systems. This ability to remain undetected, combined with requesting permissions that do not arouse suspicion, makes SparkCat um Trojan highly effective and difficult to detect.

Recommendations to protect yourself against SparkCat:

With proper precautionary measures, you can mitigate the risks and protect your devices from SparkCat. Below, we will see some recommendations for you to adopt.

Keep your iPhone's iOS up to date

Understand how Sparkcat, the first iPhone virus, works (and how to protect yourself)
Keeping iOS up to date is essential to protect your device against new threats and security vulnerabilities. Photo: Gisele Souza / TechTudo.

Keep your iPhone always up to date with iOS is essential to ensure protection against new security threats and vulnerabilities. The Apple periodically releases updates that not only bring performance improvements, but also fix flaws that could be exploited by malwares as SparkCat. Additionally, security updates often include new protection features, making your device more robust against hacking attempts.

To update iOS, follow these steps:

Step 1: Go to “Settings” in your iPhone.

iPhone maps and settings, usage and navigation tips.
Photo: Screenshot/ Alexandre Marques.

Step 2: Touch “General".

iPhone settings showing general options, settings menu, and access to device options.
Photo: Screenshot/ Alexandre Marques.

Step 3: Select “Software update".

iPhone software update: tips, settings, and improvements.
Photo: Screenshot/ Alexandre Marques.

Step 4: If an update is available, tap “Download and Install".

iOS 18.3.1 software update on iPhone: new features, improvements, and functionalities of the Apple system.
Photo: Screenshot/ Alexandre Marques.

Update your apps on the App Store

Understand how Sparkcat, the first iPhone virus, works (and how to protect yourself)
Regularly updating apps on the App Store helps ensure that the latest security patches are applied. Photo: Reproduction / iHelp Br.

Keep applications always up to date is another important measure to protect your iPhone against cyber threats. App updates often include security fixes and improvements that can prevent virus exploits and malwares. Additionally, developers often release patches to fix vulnerabilities discovered in previous versions of the applications.

To update apps in the App Store, follow these steps:

Step 1: Open the App Store in its iPhone.

iPhone app store application focused on technology and digital trends.
Photo: Screenshot/ Alexandre Marques.

Step 2: Tap your profile icon in the top right corner.

1. The telenovela "Beleza Fatal" is streaming on Max, watch the new hit now.
Photo: Screenshot/ Alexandre Marques.

Step 3: Scroll down to the “Updates“. Tap “Update all” or update apps individually by tapping “Update” next to each application.

Understand how Sparkcat, the first iPhone virus, works (and how to protect yourself)
Photo: Screenshot/ Alexandre Marques.

Step 4: Wait for the updates to complete. Make sure you are connected to a Wi-Fi network for a faster process and without consuming mobile data.

Avoid downloading unknown apps

1. Smartphone with popular apps displayed on the screen, focusing on technology and innovation.
Downloading apps only from well-known and trusted developers reduces the risk of malware infection. Photo: Reproduction / Internet.

Downloading apps from unknown or untrustworthy developers may increase your risk of infection. malwares as SparkCat. These apps may look legitimate, but they contain malicious code that can compromise your device's security. It's always a good idea to only download apps from reputable developers with good reviews on the App Store. Additionally, checking the permissions requested by the app and being wary of unnecessary requests can help prevent the installation of malicious software.

Use a Reliable Antivirus

Protection against viruses and malware on computers and mobile devices.
An antivirus can detect and block threats like the SparkChat virus, protecting your data against intrusions and malware hidden in suspicious applications. Photo: Reproduction / Internet.

To protect yourself from the virus SparkChat and other digital threats, it is essential to install a powerful and always up-to-date antivirus program. A good antivirus can detect and block malware before it infects your device, offering real-time protection against suspicious links, dangerous downloads and malicious applications. Also, be careful when granting permissions to new applications, especially those that request full access to your photo gallery. Only grant this type of permission if you really trust the service and, when in doubt, limit access to just a specific photo or video.

At Showmetech, we already have an article selecting the best antivirus that you can count on in these cases.

Avoid capturing screenshots with sensitive information

iPhone screen lock for greater privacy and security.
Avoiding taking screenshots with confidential data prevents sensitive information from being compromised if the device is infected. Photo: Reproduction / iHelp Br.

Taking screenshots of sensitive information, such as passwords, banking information, and other personal details, can lead to unauthorized access to this information. To ensure the safety of your data, avoid taking screenshots of sensitive information. If you must save this information, consider storing it in secure, password-protected applications, and never share screenshots containing sensitive data via messaging or social media apps.

You can also check out our article on how to enable iphone password manager is about best password managers to use on mobile, PC and Mac.

I already knew these ways to protect myself against the virus Sparkcat? Tell us about it Comment!

See also:

OmniHuman-1: TikTok owner launches AI that creates human videos from a single image

Sources: Kaspersky, The Verge e Crypto News.

reviewed by Gabriel Princessval in 11 / 02 / 2025

Discover more about Showmetech

Sign up to receive our latest news via email.

Related Posts