0 people like it thumbs up
0 people dislike it thumbs up

Trojan App Snakes into Apple App Store

Posted on July 9, 2012
Category:

A Trojan app designed to steal copies of iPhone’s and Android smartphones’ address books appeared on both the official Apple App Store and Google Play. Digital security experts were baffled on how this malware went unnoticed for at least a week.

The app, named “Find and Call,” is a leak-and-spam type of malware. Denis Maslennikov, a security researcher at Kaspersky Lab, wrote about Find and Call in detail in a blog post. Both Apple and Google have removed the malicious app last week.

Maslennikov wrote that while malware appearing in Google Play is a usual sight, it is “the first case that we’ve seen of malware in the Apple App Store.”

“It is worth mentioning that there have not been any incidents of malware inside the iOS Apple App Store since its launch five years ago. But the main issue here is user’s privacy–again.”

There have been apps that grab address book data, but they do so in the name of “social network functionality” such as Hipster and Path. Both apps upload users’ address books to servers controlled by developers, but require explicit permission from users before doing so.

But Find and Call, according to Maslennikov, was clearly malicious. Reviews of the app on both the Apple App Store and Google Play have been far from favorable, with many users complaining that rather than providing a free call service, the app was instead sending spam SMS messages to their address book contacts. The spam messages list the user’s cell phone number in the “from” field, indicating that the SMS actually appear to have come from the user. The message, however, contains a URL link to download Find and Call app.

The developer of the app claims that the spam messages had been sent erroneously, adding that Find and Call is “in the process of beta-testing,” and the bug has since been fixed.

Source: Secure List, via Information Week

 
 

Comments

 
[...] of malware. Denis Maslennikov, a security researcher at Kaspersky Lab, wrote about Find an… Read More » [...]
[...] of malware. Denis Maslennikov, a security researcher at Kaspersky Lab, wrote about Find an…Read More »  Gadget News and Reviews – [...]
[...] of malware. Denis Maslennikov, a security researcher at Kaspersky Lab, wrote about Find an… Read More » [...]

Gadget on Facebook

Sponsored Links

Twitter

Trending posts from gadgetcom on Twitter, updated daily!
  • Loading, Please Wait...