OCR Crypto Stealers in Google Play and App Store(securelist.com)
securelist.com
OCR Crypto Stealers in Google Play and App Store
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/
7 comments
Only if the guards you hire know what they are doing.
If you have ever been through the app review process, you know that it is opaque, flawed, and clearly being run by inexperienced or overworked people who just don't have time to do anything remotely resembling a security audit.
If you have ever been through the app review process, you know that it is opaque, flawed, and clearly being run by inexperienced or overworked people who just don't have time to do anything remotely resembling a security audit.
It's written in Rust:
> The malware, which we dubbed “SparkCat”, used an unidentified protocol implemented in Rust, a language untypical of mobile apps, to communicate with the C2.
So all the Hacker News folks will probably think it's great.
> The malware, which we dubbed “SparkCat”, used an unidentified protocol implemented in Rust, a language untypical of mobile apps, to communicate with the C2.
So all the Hacker News folks will probably think it's great.
Wasn't the walled garden model supposed to protect from this ?