FBI Warns iPhone and Android Users: Delete These 17 Apps Now to Avoid Snooping
Here are the top 5 things you need to know about this urgent security alert.
- The FBI and CISA have issued a joint advisory warning that 17 popular apps—including file converters, VPNs, and QR scanners—are infected with the 'SparkCat' malware, which can steal your photos, passwords, and crypto wallet data by accessing your phone's photo library.
- This is not a hoax; the advisory confirms the malware is disguised as legitimate apps on both the Apple App Store and Google Play Store collectively. Users who have downloaded any app from the official list must delete them immediately to stop active data theft.
- The malware works by scanning for text in images; specifically, it looks for recovery phrases for Bitcoin and other cryptocurrency wallets, meaning hackers can drain your digital assets simply by you having a screenshot saved on your phone.
- This batch of apps has been downloaded over 10 million times globally, making it one of the largest spyware campaigns targeting mobile devices in 2025. If you've used a "free" app that requests access to your photo library unnecessarily, assume your data is compromised.
- Security experts recommend a full factory reset on your phone if you downloaded any of the named apps, as the malware may have left hidden persistence files. Change every password associated with your Google or iCloud account immediately, and monitor your financial accounts for suspicious activity.