For the first time, a virus cum Trojan managed to find its way into the four year old Apple’s app store as well as into Google’s digital store, Google Play. Although, the concerned app has been pulled off, this was first such malware case in the Apple’s store, but a common incident in the Google’s app store. First dubbed as a SMS worm, then later identified to be a Trojan, both the companies have now removed the app “Find and call”.
This concerned app first made its users register with their email addresses and phone numbers. But was later found to seize the user’s contact book data and transmit the content to a remote service, as discovered by the Russian Software security firm, Kaspersky, which alerted both stores.
The original service of the app was to manage phone address book and find friends using the contact list. However, this malware would spam the people in the user’s list with unsolicited texts. The content seemed like coming from the authentic user as it contained the field “phone number”. It also included links for other people to download the malware by making the whole SMS looks like arriving from a trusted source.
Also, the app allowed users to upload sensitive information like online account details (such as Paypal), emails, other personal information etc. Even iOS and Androids versions of the app also transferred user’s GPS location coordinates to a remote server.
The app’s developer commented that “it was the failure of one of the components” that resulted in the bug and subsequently spam. He also notified that the fixing is being done but owing to violations of the guidelines of the Apple’s app store, the app was wiped off before any solution could be figured out.
As the problem broached, Software giant Apple took hold of the possible reasons of the malformed apps and incomplete downloads and said to start working out on it as soon as possible.