Kaspersky has found malware in the App Store and the Google Play Store. It is the first time that malware has been found in the wild in the App Store. The trojan sends text messages to all contacts of a user who installs the app.
The application is called ‘Find and Call’, writes Kaspersky. The malware targets Russian users and pretends to be legitimate VoIP software. After installation, the trojan uploads the user’s phone book to a remote server. From that server, with the affected user as the sender, all contacts are texted with a link to the application.
Whether the malware does anything else or just spams contacts is unclear. According to Kaspersky, it is the first time malware has been found in the wild in the App Store, although a security researcher managed to place malicious code in the App Store in November. Controls on applications in the App Store are much stricter than those in Google’s Play Store.
Incidentally, a Russian blog has been in contact with one of the authors of the malware, who maintains that it is not malicious software. It would be a bug that spontaneously sent text messages to all contacts.
It is not uncommon for applications to upload contact directories unsolicited. Facebook, Twitter and Path, among others, were sued earlier this year because their mobile apps did this, although those apps were not removed from the stores. However, the ‘Find and Call’ application has since disappeared from both application stores, which may indicate that it is actually malware.