It appears that the once pure Apple App Store has finally fallen victim to the hackers with news that a Trojan app called “Find and Call” was found sending phone book details to a remote server and spamming user contacts.
Obviously it was less surprising to find the app on Google Play for Android with their history of malware issues however the approval process for the iTunes App Store has, up until now, done a great job of keeping this problem at bay.
Kaspersky lab expert Denis Maslennikov wrote: “At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself.
However, our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan that uploads a user’s phonebook to remote server. The ‘replication’ part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.”
Once installed, users are able to continue using the application while at the same time uploading data and sending SMS spam messages offering to click on a URL and download the “Find and Call” application. Since the message is coming from the users phone, the recipient will believe that the message is from a trusted source and likely click the link.
The app has a supporting website which attempts to collect details about social networks, email and even PayPal in order to activate and add credits to the account.
This appears to be a well thought out scam and certainly something to watch for on the Google Play platform and hopefully Apple will continue to keep these apps out of the App Store.