Saving Your Wallet Details, Seed Phrase as a Photo on Your Phone? This Trojan May Be Targeting You

A new strain of mobile spyware, dubbed SparkKitty, has infiltrated Apple’s App Store and Google Play, posing as crypto-themed and modded apps to stealthily extract images of seed phrases and wallet credentials.

The malware appears to be a successor to SparkCat, a campaign first uncovered in early 2025, which used fake support chat modules to silently access user galleries and exfiltrate sensitive screenshots.

SparkKitty takes the same strategy several steps further, Kaspersky researchers said in a Monday post.

Unlike SparkCat, which mostly spreads through unofficial Android packages, SparkKitty has been confirmed inside multiple iOS and Android apps available through official stores, including a messaging app with crypto exchange features (with over 10,000 installs on Google Play) and an iOS app called “币coin,” disguised as a portfolio tracker.

(Securelist)

At the core of the iOS variant is a weaponized version of the AFNetworking or Alamofire framework, where attackers embedded a custom class that auto-runs on app launch using Objective-C’s +load selector.

On startup, it checks a hidden configuration value, fetches a command-and-control (C2) address, and scans the user’s gallery and begins uploading images. A C2 address instructs the malware on what to do, such as when to steal data or send files, and receives the stolen information back.

The Android variant utilizes modified Java libraries to achieve the same goal. OCR is applied via Google ML Kit to parse images. If a seed phrase or private key is detected, the file is flagged and sent to the attacker’s servers.

Installation on iOS is done through enterprise provisioning profiles, or a method meant for internal enterprise apps but often exploited for malware.

(Securelist)

Victims are tricked into manually trusting a developer certificate linked to “SINOPEC SABIC Tianjin Petrochemical Co. Ltd.,” giving SparkKitty system-level permissions.

Several C2 addresses used AES-256 encrypted configuration files hosted on obfuscated servers.

Once decrypted, they point to payload fetchers and endpoints, such as/api/putImages and /api/getImageStatus, where the app determines whether to upload or delay photo transmissions.

Kaspersky researchers discovered other versions of the malware utilizing a spoofed OpenSSL library (libcrypto.dylib) with obfuscated initialization logic, indicating an evolving toolset and multiple distribution vectors.

While most apps appear to be targeted at users in China and Southeast Asia, nothing about the malware limits its regional scope.

Apple and Google have taken down the apps in question following disclosure, but the campaign has likely been active since early 2024 and may still be ongoing through side loaded variants and clone stores, researchers warned.

Read more: North Korean Hackers Are Targeting Top Crypto Firms With Malware Hidden in Job Applications

CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message

Hackers exploited a vulnerability in CoinMarketCap’s front-end system, using a seemingly harmless doodle image to inject malicious code that triggered fake wallet verification pop-ups across the site.

The breach, confirmed by CoinMarketCap, used its backend API to deliver a manipulated JSON payload that embedded JavaScript into the homepage according to blockchain security firm Coinspect Security.

The script caused an unauthorized prompt instructing users to “Verify Wallet,” a phishing tactic aimed at tricking visitors into handing over access to their crypto holdings.

The blockchain security firm traced the attack to the platform’s rotating “doodles” feature, which allowed attackers to embed the malicious code without altering the site’s core infrastructure.

The pop-up was live for a short period before being removed by CoinMarketCap’s team.

“Upon discovery, we acted immediately to remove the problematic content,” CoinMarketCap said in a statement posted to social media. “Comprehensive measures have been implemented to isolate and mitigate the issue.”

CoinMarketCap has not disclosed how many users encountered the pop-up or whether any wallets were compromised.

Binance, Kraken Thwarted Social Engineering Attacks Similar to Coinbase Hack

Binance and Kraken, two of the world’s largest cryptocurrency exchanges, were recently targeted in a wave of social engineering attacks similar to the one that led to a major data breach at Coinbase.

Hackers approached customer support agents with bribery offers and detailed instructions for contacting attackers through Telegram, Bloomberg reports citing people familiar with the matter. Both exchanges managed to block the attempts without losing any customer data.

The exchanges faced tactics mirroring those used against Coinbase (COIN), which earlier this week revealed it expects to pay $180 million to $400 million in remediation costs and customer reimbursements after attackers gained access to their personal information.

That breach led to a $20 million ransom demand after the attackers managed to bribe Coinbase’s overseas employees/contractors to get customer information. The exchange has fired the staff involved and has contacted law enforcement.

At Binance, internal systems including artificial intelligence bots helped detect bribery-related messages, shutting down conversations before they escalated. Policies that limit access to customer data unless users initiate contact also helped mitigate risk.

Coinbase’s reportedly started seeing unusual activity in January, and last December, rival exchanges had begun warning the company about unusual activity targeting its largest clients.

Settlement Denied: XRP Drops After Ripple Hits Legal Roadblock

Ripple’s bid to wrap up its long‑running fight with the US Securities and Exchange Commission hit a snag on May 15. A federal judge in New York tossed out the deal because it was filed the wrong way. This hiccup doesn’t change past rulings, but it does force both sides back to the drawing board.

Court Blocks Settlement Motion

According to court papers, Judge Analisa Torres ruled that Ripple and the SEC used the wrong rule to ask for a change. They tried to dissolve an injunction and chop a $125 million fine down to $50 million. But under Rule 60, you need to prove “exceptional circumstances” when you’re asking to revisit a final order. Without that proof, the judge said the motion was “procedurally improper” and tossed it.

Parties Must Refile Under Rule 60

Based on reports from attorney James Filan on X, Ripple and the SEC agreed on the deal back on May 8. They even filed papers together. Yet, they skipped the part about showing why they should get a do‑over.

Now, both sides have to write up a new motion. Fred Rispoli, another lawyer, said they’ll have to “do it the hard, messy way” by following the rule book. That means spelling out why a final court decision needs a second look.

Market Reacts With Price Drop

When word got out, XRP took a hit. The price slid about 2.5% in a single day. Open interest also fell by 9% to $4.90 billion, according to CoinGlass data. Long positions worth over $21 million were wiped out as traders scrambled to cut losses. Short‑term traders are watching a key support level at $2.35. If that line holds, we might see a bounce. If it breaks, prices could dip even further.

Legal Wins Remain Intact

Ripple’s chief legal officer, Stuart Alderoty, reminded everyone that past victories are safe. In 2023, a judge ruled that XRP wasn’t a security in programmatic sales. Institutional sales still count as securities, but retail sales were cleared.

Alderoty said on X that this recent setback is just about “procedural concerns with the dismissal of Ripple’s cross‑appeal.” He made it clear that nothing in that ruling takes away what Ripple already won.

Next Steps For Ripple And SEC

Now, both sides face a longer road ahead. They’ll need to gather evidence for a new Rule 60 motion. That could push any final settlement into late summer or beyond. Until then, traders will keep their eyes on court calendars and price charts.

Featured image from Bankless Times, chart from TradingView

KuCoin Commits $2 Billion to “Trust Project” Focusing on Crypto Security and Transparency

Digital assets exchange KuCoin has unveiled a new initiative, the “Trust Project,” with a massive $2 billion investment aimed at reinforcing user safety, boosting transparency, and ensuring long-term accountability in the crypto market.

The announcement came during TOKEN2049 Dubai, where KuCoin CEO BC Wong, alongside the exchange’s European Union CEO Oliver Stauber, detailed the initiative’s vision to align crypto operations more closely with regulatory frameworks and user-centric principles.

At its core, the Trust Project focuses on key values such as infrastructure neutrality, responsible innovation, and enhanced protections against platform risks. KuCoin’s native token, KCS, play a more pivotal role in governance, ecosystem management and user reward programs.

“We’re directing resources where they count — toward building credibility, protecting our users, and securing the future of crypto,” Wong said during his keynote.

Whale Alert: XRP Accumulation Reaches 5-Year Peak – Details

XRP has been causing waves in the crypto space with a significant price pop and equal amounts of market attention from investors. Whale and shark wallets holding a minimum of 1 million XRP recently reached a five-year high of 45.61 billion tokens.

The increase in accumulation suggests renewed confidence from high net-worth investors who believe there is more upside for the coin.

As per Santiment, these whales collected 3.44 billion tokens over the last two years which is an uptick of 8%. The last week brought jubilant news for the XRP enthusiasts as the price rallied by over 90%. The excitement around the currency however is on the all-time high due to the prevailing communal positive energy and enthusiasm.

Rising Prices, Growing Conversations

The strong rally of XRP has ignited conversations online once more. Nearly 5% of crypto discussion recently has focused on XRP’s impact which indicates its increasing relevance. The token is currently priced at approximately $0.71 and has strong resistance ahead of it. Analysts believe that, given factors such as funding rates and the fear of missing out (FOMO), maintaining that momentum will be essential in the next upward price movement.

However, considerable concern persists. If overextended longs arise on big exchanges such as Binance, the rising trend may slow. It’s a fine line between optimism and the requirement for market health to sustain prolonged rallies.

Technical Breakout Leads To Higher Targets

Technically, XRP’s recent price fluctuations indicate a positive trend. Crypto researcher Jonathan Carter said that the token has broken out of a triangle pattern that has been in place since 2021. Such breakthroughs frequently herald big price movements, and for XRP, this could point to mid-term resistance around $1.68.

Historical patterns, on the other hand, add to optimism. Analysts have drawn comparisons to XRP’s performance in 2017, indicating the possibility of exponential development. While estimates range as high as $4.80 by late 2024, they are dependent on sustained growth and broader market circumstances.

Market Activity Supports Momentum

There has also been increased activity of XRP in the market as well. The trading volume within the last 24 hours has registered an increase of 120% to hit the $17.50 billion mark. This rise coupled with a 12 percent rise in open interest in respect of XRP derivatives points out to more traders betting on the potential of the token for further upside.

Despite the positive developments, caution is urged. Based on CryptoQuant data, while miner sell-offs are currently contained, they are likely to be more pronounced if the rally goes beyond the allowable limits.

As of now, investors in XRP are hopeful of the future, thanks to whale accumulation, technical breakouts, and a proactive community. But whether this trend can actually continue or not will depend on the balance of market forces and investors’ expectations.

Featured image from Earth.com, chart from TradingView

XRP Price Patterns And 2024 Election Spark Talk Of A New Rally

Analysts are once again paying close attention to the price trend of XRP and the US election cycles. Many people who follow the market say that if a crypto-friendly candidate wins, XRP could go through a big jump, similar to what happened after other elections. Could this be the start of another rally?

After the 2016 and 2020 US elections, XRP’s value skyrocketed, as expected by market observers. These two major occurrences benefited cryptocurrencies, which analysts expect to happen again in 2024 under Donald Trump.

Market expert Mikkybull observes a “symmetrical triangle” pattern that preceded these elections and led to significant achievements. Since XRP has achieved these highs before, some wonder if history will repeat.

Patterns Of XRP In The Past: From Triangle To Surge

Mikkybull observes that the price of XRP fell marginally after the 2016 elections but eventually increased by 60,000%, reaching the all-time high (ATH) level of $3.31. The 2020 election caused another upward spike which resulted in the altcoin increasing by 170% within the span of one month.

There was also a liquidity crunch in December for the cryptocurrency market however this was occasioned by the contrary ruling from the SEC against Ripple Labs. In light of the ongoing litigation, the election rally evokes interest because it proposes that such increases could be achieved in 2024. Given the current bullish sentiment in the market, Mikkybull believes that another rally is almost imminent.

Positive Technical Indicators

At present, XRP is trading at approximately $0.6393 and is encountering a resistance level at $0.6533. The prospective path to the next target at $0.7463 is seen by analysts if it can overcome this barrier. Volume is increasing, and recent gains may provide the necessary impetus.

RippleLord, a market expert, predicts that the price of XRP may even resume its 2017 highs if this rally continues. In 2017, XRP experienced a significant increase from $0.06 to nearly $3.84. RippleLord believes that XRP could at least reach a consolidation level of $3, with a longer-term peak potentially reaching $28 if market conditions coincide, despite the fact that repeating such a massive run may be ambitious.

Legal Developments

Meanwhile, the recent court ruling by Judge Analisa Torres, who determined that XRP is not a security, is another factor that strengthens the case for XRP. This eliminates an immense regulatory obstacle that has undermined XRP for years.

Additionally, Ripple’s ongoing dedication to innovation is evidenced by its initiatives to broaden its payment services, such as the Dubai Financial Services Authority’s recent approval.

Featured image from Pexels, chart from TradingView