In a blog post yesterday, Kaspersky Lab expert Denis Maslennikov wrote his company was contacted by Russian mobile phone company MegaFon to report a suspicious app. The app in question is called “Find and Call”.
“Find and Call” is currently available on both the App Store and Google Play. My search of the App Store confirmed the app is still available for download.
“Find and Call” doesn’t cause harm to the user’s phone instead it uploads the user’s phonebook to a remote server. The remote server sends spam SMS messages to all of your contacts with a download link to the application. The spam SMS messages contained the user’s number in the from field so it looks to the recipient as if the message is from a trusted source.
In his blog Maslennikov writes:
“If user launches this application he will be asked to register in the app using his email address and cell phone number (both fields won’t be checked for validity). If user wants to ‘find friends in a phone book’ his phone book data will be secretly (no EULA/ terms of usage/notifications) uploaded to remote server”
Maslennikov includes a small FAQ at the end of his post:
1. Are these apps malicious?
Both apps upload user’s phone book to remote server and use it for SMS spam. That’s why we detect them as Trojan.AndroidOS.Fidall.a and Trojan.IphoneOS.Fidall.a
3. Who created them?
Good question. There are actually some more interesting details. The website of this app allows you (after logging in to your account) to ‘enter’ your social network accounts, mail accounts (it seems that these details will also be used) and even PayPal (!) to add money to your account.
Trojan Horses are nothing new to Android but this is the first confirmed case of one for iOS devices in the five years the App Store has been open.
What are your thoughts? Do you expect to see more Trojan Horses appear on the App Store? I wonder how this got through the app review process.
Update 1: It looks like Apple has removed “Find and Call” from the App Store, and has issued this statement to The Loop:
“The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines,”