Phonebook-slurping, spam-sending app found in App Store
Posted on 05.07.2012
A malicious app that slurps mobile users' phonebooks and uploads them to a remote server has been spotted being offered both on Google Play and Apple's App Store.

Kaspersky Lab researchers first though they were dealing with an SMS worm, but after having analyzed the "Find and Call" app, they discovered it was actually a Trojan.

They don't mention what the app is marketed as, but judging by its name users would not find it suspicious that the app asks for permission to access their contacts.

Once the phonebook is exfiltrated to the server, SMS spam messages containing a link to a page where the free app can be downloaded are sent to all the contacts, inviting them to use it to reach the sender.

"It is worth mentioning that the Ďfromí field contains the userís cell phone number. In other words, people will receive an SMS spam message from a trusted source," say the researchers.

"Malware in the Google Play is nothing new but itís the first case that weíve seen malware in the Apple App Store," they pointed out.

It is also interesting to note that the website of this app allows users to supposedly access their social network accounts, mail accounts and even their PayPal account and use it:

Unfortunately, by adding money to the PayPal account in this way they are actually transferring to a Singapore-based company.

I don't know what this app poses as, but this should be warning enough that something is seriously amiss.

Both Google and Apple have been notified of the matter and have by now removed the offending app from their markets.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th