It appears that the once pure Apple App Store has finally fallen victim to the hackers with news that a Trojan app called “Find and Call” was found sending phone book details to a remote server and spamming user contacts.
Obviously it was less surprising to find the app on Google Play for Android with their history of malware issues however the approval process for the iTunes App Store has, up until now, done a great job of keeping this problem at bay.
Kaspersky lab expert Denis Maslennikov wrote: “At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself.
However, our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan that uploads a user’s phonebook to remote server. The ‘replication’ part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.”
Once installed, users are able to continue using the application while at the same time uploading data and sending SMS spam messages offering to click on a URL and download the “Find and Call” application. Since the message is coming from the users phone, the recipient will believe that the message is from a trusted source and likely click the link.
The app has a supporting website which attempts to collect details about social networks, email and even PayPal in order to activate and add credits to the account.
This appears to be a well thought out scam and certainly something to watch for on the Google Play platform and hopefully Apple will continue to keep these apps out of the App Store.
9 Comments
Melvin
This story is both funny and disconcerting all at once. Looks like the worm(s) breached the surface and got to the core of [the] Apple. For once, I am glad I don't rely on Apple products, even though there are times when I do wish I owned a mac book pro, and maybe an i-phone. For the time being, I'll just have to be happy eating granny smith apples with my oatmeal in the morning.
Randy
I think it is safe to say that eventually, all platforms become targets and then possibly victims of hacker attacks. It is a part of doing business in cyberspace. I remember the day I gave up using internet explorer. It was because I had gotten fed up with all the spam and malware attacks, most of which seem to be targeted toward internet explorer. I don't know why that is, but I had to switch browsers.
Eric
Unfortunately, the more we rely on mobile communications the more we make ourselves more susceptible to malicious attacks. And hackers are well aware of most people's dependency on staying connected. Most persons have difficulty functioning without their smart phone. As long as folks keep this in mind and consider this before deciding to install an app or scan some cryptic QR Code, they can be more judicious as to where they decide to surf.
Vicki
Before the novice users go into a frenzied panic about their beloved I phones, they should know the first thing to note is that Flashback is not a technically a virus, it's a Trojan horse. Both are malicious software, but the main difference is that a Trojan horse cannot infect other computers. Trojan horses typically seem like helpful software, but once installed they make your computer vulnerable to data theft or keystroke logging, among other things.
Harold
I've seen reports that there are now hacked websites targeting Android devices with a new Android Trojan called NotCompatible, an attack vector previously only used to infect PCs with malware. If a user visits a compromised website from an Android device, their Web browser will automatically begin downloading an applicationa process o referred to as a drive-by download. Internet Explorer used to be a prime target. Now mobile devices are the target.
Marcus
I am glad that Vicki explained some of that because I knew they were both bad but I had no idea how bad they were. I am glad that I didn't get an Iphone though because I rely on it to much for business for my phone to be out of commission. Great article thank you, keep up the good work.
Jewel
It seems that Apple is working hard to fight the hacking of its In-App Purchase program for iOS. So far though, the company's attempts have not deterred that Russian developer who apparently wants Cupertino to fix the underlying problem. Last week Russian developer Alexey Borodin hacked Apple's In-App Purchase program for all devices running anything from iOS 3.0 to iOS 6.0, allowing iPhone, iPad, and iPod touch users to circumvent the payment process and essentially steal in-app content.
Robin
I heard that Apple is developing software that will detect and remove the Flashback malware, the company wrote in a support document on its site addressing the Flashback malware. They apparently released a Java update on April 3, 2012 that fixes the Java security flaw for systems running OS X v10.7 and Mac OS X v10.6. But software will still be required to remove Flashback from systems that are already infected.
Timothy
With Apple getting hacked, it makes me feel like none of us is truly safe from hackers and from getting our financial information and identity stolen. The more we decide to rely on electronic devices to store our personal data, the more we have to accept the risk that goes with this sort of digital convenience. And the more we decide to interact with others and with sellers, the more risk we're open to.