Over 40 fake Firefox extensions mimicking crypto wallets like MetaMask and Coinbase have been flagged for crypto theft in an active campaign.

Private key and seed phrase theft and front-end compromise are the main infrastructure attack vectors that take advantage of the intrinsic vulnerabilities in cryptocurrency security infrastructures.

Seed phrase exploits and front-end compromises were the primary attack method used by bad actors in the first half of 2025, accounting for over 80% of losses.

Kaspersky warns of SparkKitty malware stealing crypto seed phrases from photos on iOS and Android. Users should avoid unknown apps and APK sideloading.

Kaspersky discovers SparkKitty malware targeting crypto seed phrases via OCR. The malware infiltrated the official App Store and Google Play through infected apps. The campaign targeted Southeast Asia ...

A new strain of mobile spyware is targeting crypto users by stealing screenshots of their wallet seed phrases, with some infected apps slipping past Apple and Google’s store defenses. Kaspersky has ...

Saving Your Wallet Details, Seed Phrase as a Photo on Your Phone? This Trojan May Be Targeting You Successor to SparkCat spyware spreads via official app stores, exfiltrates gallery photos using ...

A photo-stealing malware has infiltrated major app stores with the goal of finding crypto seed phrases and other sensitive information, Kaspersky warns.

Kaspersky discovers SparkKitty malware stealing crypto seed phrase screenshots from iOS and Android devices using OCR technology.

A new strain of mobile spyware, dubbed SparkKitty, has infiltrated Apple’s App Store and Google Play, posing as crypto-themed and modded apps to stealthily extract images of seed phrases and wallet ...

SparkKitty malware targets crypto users by stealing seed phrase screenshots via apps on Apple and Google stores, with thousands of downloads before removal.