Home   >   News

Kaspersky expert detects App Store and Google Play malware

Russian app spams contact list
Kaspersky expert detects App Store and Google Play malware

Hot on the heels of an App Store glitch that rendered newly updated apps unusable, a lab expert from software security specialist Kaspersky claims use of malware is on the rise across both iOS and Android.

Denis Maslennikov claims a Russian language utility app named Find and Call is in fact a trojan designed to upload a user's co-ordinates and contact list to a remote server.

The server then sends spam text messages to said contacts, each one suggesting they download Find and Call.

Call in question

The idea is, those who receive the text message in question believe the recommendation is genuine, given it comes from a trusted source rather than spam.

Find and Call is by no means the first piece of alleged malware to grace smartphone marketplaces, however, and has already been removed from both the App Store and Google Play following the furore.

The app's developer, however, has claimed in an emailed statement to Russian website Apple Insider that the text messages are the result of a 'bug' that's currently being fixed rather than an intended directive to utilise contact lists in such a way.

The first and only?

Other applications have previously made use of contact details without the express permission of users in a similar manner, including the iOS Path app.

Numerous clone apps masquerading as popular games have also frequently scam hundreds of customers out of their cash.

A fake Pokemon Yellow app, for instance, recently reached #12 on the US App Store's overall top grossing chart. When users attempted to open the 99c application, it would simply crash.

[source: SecureList]