First malware ever found in iOS App Store, malicious app removed

By on July 6, 2012, 3:00 PM

For the first time, according to Kaspersky Labs, security researchers have unearthed what appears to be malware on the Apple App Store. "Find and Call", a Russian-language app which touted contact list simplification, was discovered to be a little too interested in its users' contact lists. Security experts discovered that Find and Call would upload the victim's entire address book and GPS coordinates to a remote server, and then proceed to spam all of their contacts.

Apple quickly pulled the app, citing guidelines which prohibit app makers from uploading contacts to remote servers. However, this is not the first time an app from the App Store has quietly stolen address books from unsuspecting iPhone and iPad users.

Path, a popular social photo-taking app, was busted last year by an observant developer who noticed the app was sending more data to third-party servers than it should have. It was discovered that Path was actually storing contact lists on remote servers in order to suggest friends its users.

While Path responded appropriately and their intentions seemed mostly benevolent, users had no idea this was occurring. Following the discovery, Path modified their app to warn users of the behavior. Apple also responded by updating its developer guidelines; however, Apple has since been criticized for not uniformly enforcing some of those rules.

Love it or hate it, Apple's walled garden has seemingly had a positive effect on minimizing malware -- at least, so far. On the other hand, the Android Market (now known as Google Play) has been portrayed as something very different. Reports of malware on Google Play have been frequent and plenty, but Google has taken steps this year to clean up their app store.




User Comments: 4

Got something to say? Post a comment
RedRapper said:

I wonder what negative impact this will have on other apps that have similar names. Hopefully apps like ReadAndCall and others which are good don't receive unwarranted negative reactions. Many developers work hard to produce good Apps and one bad "apple" can ruin countless hours of good work.

Guest said:

Totally agree with above post.

These hacks or people try to make money from spam should be sent to prison for a very long time!

3DCGMODELER 3DCGMODELER said:

No they should be put in public stocks and then let everybody throw garbage at them..

Guest said:

I think they should be put in stocks and everyone should be able to urinate on them

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.