New malware targets iPhones, Android devices to steal crypto wallets

By Phong Ngo February 5, 2025 | 08:33 pm PT

Cybersecurity firm Kaspersky Lab has warned iPhone and Android users about a newly discovered malware capable of stealing cryptocurrency funds.

Bitcoins placed next to a smartphone. Illustration by Pexels

The malicious software, found on both the App Store and Google Play Store, spreads through 20 counterfeit apps, including messaging platforms, AI assistants, food delivery services, and cryptocurrency exchanges.

Kaspersky reported that the infected apps have been downloaded over 242,000 times from Google Play.

"This is the first known case of a styler getting into the App Store," it added.

Forbes has reached out to Google and Apple for comments and confirmation on whether the affected apps have been removed.

The malware is designed to steal seed phrases—security keys used to recover cryptocurrency wallets—giving attackers full control over victims’ funds.

Once installed, the fake apps request access to the device’s photo gallery. The malware then scans stored images for wallet recovery phrases in multiple languages, allowing hackers to take over crypto accounts.

Kaspersky advised users: "Do not store screenshots with sensitive information in the gallery, including phrases to restore access to cryptocurrency wallets.

"Passwords, confidential documents and other sensitive data can be stored in special applications."