Malicious spam app discovered in the App Store [updated]

Apple has had a fairly spotless record thus far regarding iOS security. There hasn’t been a single [serious] breach, or malware outbreak — aside from what jailbreak hackers have uncovered, of course.

But it looks like the perfect streak has finally come to an end. A Russian security firm announced this morning that it has discovered a malicious spam [aka a Trojan] application in the App Store…

Kaspersky Lab‘s Denis Maslennikov:

“Yesterday we were contacted by our partner MegaFon, one of the major mobile carriers in Russia. They notified us about a suspicious application, which was found in both the Apple App Store and Google Play. At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself.

However, our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan that uploads a user’s phonebook to remote server. The ‘replication’ part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.”

The app, which is called Find and Call, appears to have already been pulled by Apple. But the fact that it made it into the App Store in the first place is still scary.

Apple has always been praised for its ability to keep apps like this out of the App Store. It’s part of the reason that everyone is so tolerant of its strict policies.

It’ll be interesting to see what, if anything, Apple has to say about this.


Update: That didn’t take long. Just a few hours after removing the application, an Apple spokesperson spoke with The Loop about the incident:

“The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines.”

Hmm, it sure seemed like it was doing a lot more than that.