Feeds

back to article Phone-raiding Trojan slips past Apple’s App Store censors

A mobile Trojan that secretly sends the phone's whereabouts and its address book to spammers has slipped into Apple's App Store and Google's Play marketplace. Called Find And Call, the malware includes a "find your friends" feature that uploads a user's phonebook contents to servers under the control of the application's …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

It's not malware unless it damages or impairs the phone. It doesn't do that, it's just a bit of spamming app.

This is why there's a remote kill in all app stores.

1
20

Err - yes it is.

It's malware when it does something you don't intend by either technical skulduggery or deception. This is the latter. Do I want my phone to spew spam to everyone in my contact list, and steal the data in my contact list? No, that isn't what I want. This is malware.

16
0

This post has been deleted by its author

Silver badge
Headmaster

Deception? Should it not have been picked up before the Ap went live?

Now it's known I'm sure it will be looked for.... Next time.

0
0
Anonymous Coward

Isn't spamming still not illegal in Russia?

Maybe the developer saw it was within the law to do this?

1
0
Silver badge
Happy

We can conclude then that "Fidall-A" turned out to be "A-Fiddle".

See title.

0
0
Anonymous Coward

So is it really malware? Sophos security doesn't agree: http://nakedsecurity.sophos.com/2012/07/06/find-call-ios-android-malware/. They prefer to call it a "spammy" app.

Path, Facebook and other apps were already found to read the contacts list, it's wasn't a problem before. Are those malware too? In this case the developer just went too far with the data and spammed the contacts.

I'm also sure this app would have to request location permission to read the GPS coordinates.

Does the app actually "Logs and uploads GPS coordinates"? Kapersky only say "Both apps are also able to upload user’s GPS coordinates to the same server but such ‘feature’ is not that new for both malicious and legal apps to be honest." Sounds like if it does, it's a one shot thing.

0
7

Still malware.

It's the spamming part that's the problem. Path were uploading the data but not doing anything weird with it, so no deception - just a little incompetence. As soon as it was pointed out to them that this probably wasn't what most users expected they deleted the data and updated the app to stop it.

I'm not familiar with the Facebook app - no idea.

This, by sending spam, is different and (for me at least) pushes it into the category of "malware".

4
0
Trollface

At least Kapersky aren't tying to persuade people to buy their anti-virus products.

1
0

Well...

They are complaining bitterly that their "protection" can't be extended to users of iOS. Never mind that it wouldn't have helped here, or in any circumstance I can think of under iOS.

1
0
Anonymous Coward

It's not possible to "scan" for these apps

The developer was doing all the SMS spam from his own server, after uploading the contacts. Neither Apple nor Google knew what the developer was doing with this data after it left the phone.

Users installed this app which explicitly says it's going to scan the phonebook to find friends, so they agreed to give the developer access to the phonebook. There's no way around this, the user wanted it. Add contact permissions on top like Android or iOS 6, the user will still say yes. That's why they installed the app!

The only remedy here is do to what they did, remove the app from the store as soon as the problem becomes known and shut down the developer's account, hopefully adding checks to make sure he doesn't return.

Maybe some of the affected users in Russia will want to report the developer to the police too.

3
1

Re: It's not possible to "scan" for these apps

The parent comment is exactly right - this isn't a technical problem at all, it is pure deception.

Unfortunately the technical access that such an app would require to legitimately to do what this app was advertised to do is exactly the same as was needed to carry out the spamming. There is nothing Apple or Google could do to prevent it, unless they were to stop any application from reading the user's contact database - which would mean that many legitimate applications would be impossible.

2
0

Interesting

That the headline is about Apple and not Android, anyhoo the only real story here is that someone managed to do something bad with a completely legal use of the app permissions, I am not sure what people expect Apple or Google do, av wouldn't help, so the only way to stop this is to stop the whole ability for a phone to send/sync its contacts anywhere.

I guess el reg will hope to get lots of links from that bait

1
2
Silver badge

Re: Interesting

Not really, as the text of the article states this is the first piece of malware to make it onto Apples' App Store. Google play, on the other hand, is full of the stuff....

1
3
Unhappy

Could this be the reason

I've been receiving lots of SMS spam this week?

I don't normally get any, then about 3 weeks back there were odd ones appearing every couple of days. In the last week (up to yesterday) it increased dramatically.

1
0
Silver badge
Meh

Re: Could this be the reason

SMS spammers get their 'targets' from a variety of sources, including just making numbers up to see if they work. What you must not do is reply in any way, even to send 'STOP' back to them. If you do, then you will confirm that their spam has been read and they will multiply their efforts and also pass your number along to other spammers.

4
0
Anonymous Coward

Re: Could this be the reason

The spam in this case was only promoting the app.

I too get all sorts of spam too, usually the "Free Msg; Our records indicate…" kind which are unrelated to this.

As the poster above those companies just send those to everyone.

1
1
Silver badge

Bug my arse

Kinda like I accedently slipped and got her pregnant. Oops.

0
0

OK, it's worse than

Viber

0
0

What? I thought Apple was IMPERVIOUS to malware! Just ask them. Ask the Apple fanboys.

1
3
Anonymous Coward

Hehe

Felt for the click bait and missed the android part and the whole "is it malware?" discussion. Berk.

1
1

Really the only malware to make it past the review process?

"The app is mostly likely the first piece of malware to make it past Apple's censors and reviewers..." And your basis for making this claim is?

2
0
Anonymous Coward

the iSheep will defend and deny...

2
2
Silver badge

What's the difference between this and WhatsApp or Viber...?

I've been on the receiving end of SMS messages inviting me to download both of them...

0
0
Thumb Down

Thought this was about Facebook...

Little difference TBH.

1
0
Anonymous Coward

"Bug" is the new "just following orders"

"Russian blog AppleInsider.ru got in touch with the developers of Find And Call via its tech support. The programmers claimed the SMS-sending feature (which has unsurprisingly drawn a number of complaints) was a bug"

I LOLed. It's a bug when you're found out, eh, Mark Zuckerburg?

0
0
This topic is closed for new posts.