Google and Apple remove spam application from stores
Google and Apple have both removed an application that has been called "malware" and a "trojan" from their respective mobile app stores. The application in question is called Find and Call and was first reported by Kaspersky Lab after they were contacted by Russian mobile phone operator MegaFon. When users install the software, they can choose an option to "find friends in a phone book" which will upload their address book to the application author's servers. This will result in their contacts receiving SMS spam that appears to originate from the original user's phone and which includes a link to the Find and Call application.
According to Kaspersky, Find and Call appears to be a working application, albeit one that leaks user's address books and uses them for nefarious purposes. Even though cavalier uploading of users' address books is not a new development with mobile applications, the spamming behaviour of the application is definitely malicious, even though it only seems to advertise the application itself and is not sending out spam on behalf of other parties. However, when contacted by the Russian blog AppleInsider.ru, Find and Call's author claimed that the spam was accidental; the author says that "this bug is in process of fixing."
In its report, Kaspersky claimed that Find and Call was the first case of "malware in the Apple App Store" that they had discovered. There have, however, been applications in the App Store before which tricked users into paying for software that does not work as advertised. Since the original listings for the application in both Google's Play store and Apple's App Store were in Russian only and had racked up quite a number of negative comments and reviews, it is not clear how many users actually installed the software.
Apple will be releasing iOS6 in the near future which has new features including requesting the user's permission to allow an application to read from the addressbook and other databases in the same way that location data is currently protected. Whether users will pay attention to this is, though, unclear as social engineering could still convince a user to give permission.
(fab)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
