Apple and Google both have removed from their mobile stores a malicious application that uploads a user’s contact list to a remote server.
The app, named “Find and Call,” is believed to be the first malware to impact Apple’s App Store, Denis Maslennikov, a senor malware analyst at Kaspersky Lab, which discovered the threat, said in a Thursday blog post. It bills itself as an app that can help users organize their address book, but actually commits data hijacking and spews spam via text message and email to the contacts of victims.
Once a user installs the app, they are asked to register it by using an email address and cell phone number, Maslennikov said. Afterward, they are asked if they’d like to locate their friends. If they agree, the data from their contact list is sent to a remote server. Then, their contacts are hit with spam that requests they also download the app.
“It is worth mentioning that the ‘from’ field contains the user’s cell phone number,” he wrote. “In other words, people will receive an SMS spam message from a trusted source.”
The apps, which have since been removed from both Google’s and Apple’s stores, garnered very negative feedback from users and appeared to only affect Russian users, Maslennikov said.
This marks the first time that a trojan has found its way into iOS App Store, he said. But, it is just one of a bevy of suspicious programs that infiltrated Google Play, formerly known as the Android Market, because of the company’s open developer model. Apple has more of a stringent certification process in place for its developers.
A Google spokesman told SCMagazine.com that the company doesn’t comment on the removal of specific apps, but said developers must follow certain policies. An Apple representative did not respond to a request for comment.