Kaspersky has reported, after being contacted, that a new malicious app made its way onto Apple’s App Store, one that was sending SMS spam messages to users’ address book contacts and sending those contacts to the developer’s servers.
“At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself,” writes Kaspersky.
However, it was not an SMS worm but a Trojan that uploads a user’s phonebook to a remote server. The ‘replication’ part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.
The application is called ‘Find and Call’ and can be found in both the iOS Apple App Store and Android’s Google Play.
Once installed, the app asks you to register your phone number and email address. Find and Call will also ask if you want to “find friends in a phone book” before discreetly uploading your entire contact list to a remote server. The app will continue to upload your contacts, and SMS messages containing a link to download the app are sent to those people. These SMS messages show up as if they were sent from your number, so the recipients are much more likely to click on the link.
“The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines,” an Apple representative told Macworld. Find and Call appears to have been pulled from the Google Play Store as well.