Google, Apple app stores hit with spamming trojan

By Dan Kaplan on Jul 6, 2012 1:23 PM
Filed under Security

First detected in App Store.

Apple and Google both have removed a malicious application from their mobile stores that uploads a user's contact list to a remote server.

The app, named "Find and Call," is believed to be the first malware to impact Apple's App Store, the discoverer of the threat Denis Maslennikov, senior malware analyst at Kaspersky Lab, said in a blog post.

It bills itself as an app that can help users organise their address book, but actually commits data hijacking and spews spam via text message and email to the contacts of victims.

Once a user installs the app, they are asked to register it by using an email address and cell phone number, Maslennikov wrote.

Afterward, they are asked if they'd like to locate their friends. If they agree, the data from their contact list is sent to a remote server. Then their contacts are hit with spam that requests they also download the app.

"It is worth mentioning that the 'from' field contains the user's cell phone number," he wrote. "In other words, people will receive an SMS spam message from a trusted source."

The apps, which have since been removed from both Google's and Apple's stores, garnered very negative feedback from users and appeared to only affect Russian users, Maslennikov said.

This marks the first time that a trojan has found its way into iOS App Store, he said.

It is just one of a bevy of suspicious programs that infiltrated Google Play, formerly known as the Android Market, because of the company's open developer model. Apple has more of a stringent certification process in place for its developers.

Neither Google or available were available for comment.

This article originally appeared at scmagazineus.com

 
Follow us on Facebook and Twitter
 

Copyright © SC Magazine, US edition

Google, Apple app stores hit with spamming trojan
 
 
 
 
 
Top Stories
Dicker Data pulling in $100 million a month
Beats sales projections in first quarter.
 
Evernote finds new allies in Aussie business push
Certifies first Australian consultants as local users reach 2 million.
 
Adelaide ISV rebrands after cracking $2m
Meet the new Adelaide Interim.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
What would help your business most?


Latest Comments
CRN Magazine

Issue: 332 | October 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.