Huffpost Technology
Gerry Smith Headshot

'Find And Call': Apple Removes First Malicious App To Enter App Store

Posted: Updated:

Apple has removed an app from its App store that could steal users' phonebooks to launch text message spam, marking the first time that malicious software has been found in the company's tightly-secured app marketplace, a researcher said Thursday.

The app, known as "Find and Call," asked users to sign in with an email address and cell phone number, then uploaded their phone's contacts to a remote server to send spam text messages, according to a blog post by Denis Maslennikov, a researcher at the Russian security firm Kaspersky Lab.

The spam messages appeared to come from a trusted source because they included the sender's phone number, Maslennikov said. They said: "Now I'm here and it's easier to reach me with the help of a free application," then contained a link to download the app.

It was unclear who wrote the app, Maslennikov said. Its website allowed users to enter their social networking and email accounts and asked them to transfer money from their PayPal accounts to a company in Singapore called "labwealth.com."

The app was also available in Google's Android Market, known as Google Play. By late Thursday, both Apple and Google had removed the app, Maslennikov said.

"The Find & Call app has been removed from the App store due to unauthorized use of users' address book data, a violation of App store guidelines," an Apple representative told The Huffington Post

Security researchers have said Apple's App store is more secure than Google Play because Apple has a stricter policy for evaluating apps before they can be downloaded. Earlier this year, Google said it had launched a new security service to scan new apps as developers submit then to the app marketplace.

Maslennikov said there have not been any incidents of malware inside Apple's App store since it launched five years ago.

"Malware in Google Play is nothing new but it's the first case [of] malware in the Apple App store," Maslennikov wrote.

Spam text messages are mostly a minor annoyance, but they are becoming more widespread. American consumers received about 4.5 billion spam texts last year, more than double the amount received in 2009, according to Ferris Research, a market research firm.

"Find and Call" was the latest cyber-security issue to affect Apple. In April, a widespread computer virus known as "Flashback" or "Flashfake" spread quickly around the world, downloading itself onto an estimated 600,000 Macs and allowing hackers to gain remote access to victims' computers.

Around the Web

“Find and Call” app becomes first trojan to appear on iOS App Store ...

Apple and Google remove 'Find and Call' Trojan app | Digital Trends

Apple Pulls 'Find and Call' App Following Security Alert | News | The ...

"Find and Call" app becomes first trojan to appear on iOS App Store

“Find and Call” app becomes first trojan to appear on iOS App Store

Apple Pulls 'Find and Call' App Following Security Alert

Trojan Horse found in the iOS App Store: Report

“Find and Call” app may have been texting your friends spam

Researchers discover 'Find and Call' spam app on Android and iOS

First Instance of Malware Detected, Removed from iOS App Store

Report: Trojan Horse found in the iOS App Store

Apple Erases First Malware Instance On iOS App Store Discovered By Kaspersky

 
From Our Partners