From www.bleepingcomputer.com: Android and iOS apps available on Google Play and the Apple App Store have been found to contain a malicious SDK known as “SparkCat,” which steals cryptocurrency wallet recovery phrases using optical character recognition.

The infected apps, which include 18 on Android and 10 on iOS, have collectively been downloaded over 242,000 times, with some still available in the stores.

Users are advised to uninstall these apps immediately and seek alternatives for storing their wallet recovery information securely.