Share:

Trojan Horse App ‘Find and Call’ Makes Its Way Into the App Store [Update]

Share:

In a blog post yesterday, Kaspersky Lab expert Denis Maslennikov wrote his company was contacted by Russian mobile phone company MegaFon to report a suspicious app. The app in question is called “Find and Call”.

“Find and Call” is currently available on both the App Store and Google Play. My search of the App Store confirmed the app is still available for download.

“Find and Call” doesn’t cause harm to the user’s phone instead it uploads the user’s phonebook to a remote server. The remote server sends spam SMS messages to all of your contacts with a download link to the application. The spam SMS messages contained the user’s number in the from field so it looks to the recipient as if the message is from a trusted source.

In his blog Maslennikov writes:

 “If user launches this application he will be asked to register in the app using his email address and cell phone number (both fields won’t be checked for validity). If user wants to ‘find friends in a phone book’ his phone book data will be secretly (no EULA/ terms of usage/notifications) uploaded to remote server”

Maslennikov includes a small FAQ at the end of his post:

Small F.A.Q.

1. Are these apps malicious?

Yes.

2. Why?

Both apps upload user’s phone book to remote server and use it for SMS spam. That’s why we detect them as Trojan.AndroidOS.Fidall.a and Trojan.IphoneOS.Fidall.a

3. Who created them?

Good question. There are actually some more interesting details. The website of this app allows you (after logging in to your account) to ‘enter’ your social network accounts, mail accounts (it seems that these details will also be used) and even PayPal (!) to add money to your account.

Trojan Horses are nothing new to Android but this is the first confirmed case of one for iOS devices in the five years the App Store has been open.

What are your thoughts? Do you expect to see more Trojan Horses appear on the App Store? I wonder how this got through the app review process.

Update 1: It looks like Apple has removed “Find and Call” from the App Store, and has issued this statement to The Loop:

“The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines,”

[Via Kaspersky]

 

Share:

  • Sly

    To answer your last question, they were too busy looking at d*cks.

  • That was ballsy.

  • K3

    Been wondering how long it will take for Apple to develop anti virus and firewall solutions for iOS, maybe it’s on the board now for the next release.

  • Virus scans and firewalls wouldn’t protect against something like this though. This is an app that someone chooses to download, and once it’s on the phone it does stuff that it shouldn’t be doing. It should have been caught in Apple’s review process. That’s what the review process is set up for.

    That being said, they get millions of apps submitted for review, it must be hard to try and keep things efficient. So that’s where they have to combine it with quick responses to complaints, and pulling apps immediately that violate the TOS.
    I also think they should be pulling apps that have misleading descriptions and bad reviews. I can’t believe that fake lock screen app is still in the top sellers list. How many people out there are buying one-star apps without reading the reviews?!?

Deals