back to article Phone-raiding Trojan slips past Apple’s App Store censors

A mobile Trojan that secretly sends the phone's whereabouts and its address book to spammers has slipped into Apple's App Store and Google's Play marketplace. Called Find And Call, the malware includes a "find your friends" feature that uploads a user's phonebook contents to servers under the control of the application's …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    It's not malware unless it damages or impairs the phone. It doesn't do that, it's just a bit of spamming app.

    This is why there's a remote kill in all app stores.

    1. Jeremy Chappell

      Err - yes it is.

      It's malware when it does something you don't intend by either technical skulduggery or deception. This is the latter. Do I want my phone to spew spam to everyone in my contact list, and steal the data in my contact list? No, that isn't what I want. This is malware.

      1. Arctic fox
        Happy

        We can conclude then that "Fidall-A" turned out to be "A-Fiddle".

        See title.

    2. This post has been deleted by its author

    3. LarsG
      Headmaster

      Deception? Should it not have been picked up before the Ap went live?

      Now it's known I'm sure it will be looked for.... Next time.

      1. Anonymous Coward
        Anonymous Coward

        Isn't spamming still not illegal in Russia?

        Maybe the developer saw it was within the law to do this?

  2. Anonymous Coward
    Anonymous Coward

    So is it really malware? Sophos security doesn't agree: http://nakedsecurity.sophos.com/2012/07/06/find-call-ios-android-malware/. They prefer to call it a "spammy" app.

    Path, Facebook and other apps were already found to read the contacts list, it's wasn't a problem before. Are those malware too? In this case the developer just went too far with the data and spammed the contacts.

    I'm also sure this app would have to request location permission to read the GPS coordinates.

    Does the app actually "Logs and uploads GPS coordinates"? Kapersky only say "Both apps are also able to upload user’s GPS coordinates to the same server but such ‘feature’ is not that new for both malicious and legal apps to be honest." Sounds like if it does, it's a one shot thing.

    1. Jeremy Chappell

      Still malware.

      It's the spamming part that's the problem. Path were uploading the data but not doing anything weird with it, so no deception - just a little incompetence. As soon as it was pointed out to them that this probably wasn't what most users expected they deleted the data and updated the app to stop it.

      I'm not familiar with the Facebook app - no idea.

      This, by sending spam, is different and (for me at least) pushes it into the category of "malware".

  3. Jeffrey Jefferson
    Trollface

    At least Kapersky aren't tying to persuade people to buy their anti-virus products.

    1. Jeremy Chappell

      Well...

      They are complaining bitterly that their "protection" can't be extended to users of iOS. Never mind that it wouldn't have helped here, or in any circumstance I can think of under iOS.

  4. Anonymous Coward
    Anonymous Coward

    It's not possible to "scan" for these apps

    The developer was doing all the SMS spam from his own server, after uploading the contacts. Neither Apple nor Google knew what the developer was doing with this data after it left the phone.

    Users installed this app which explicitly says it's going to scan the phonebook to find friends, so they agreed to give the developer access to the phonebook. There's no way around this, the user wanted it. Add contact permissions on top like Android or iOS 6, the user will still say yes. That's why they installed the app!

    The only remedy here is do to what they did, remove the app from the store as soon as the problem becomes known and shut down the developer's account, hopefully adding checks to make sure he doesn't return.

    Maybe some of the affected users in Russia will want to report the developer to the police too.

    1. Jeremy Chappell

      Re: It's not possible to "scan" for these apps

      The parent comment is exactly right - this isn't a technical problem at all, it is pure deception.

      Unfortunately the technical access that such an app would require to legitimately to do what this app was advertised to do is exactly the same as was needed to carry out the spamming. There is nothing Apple or Google could do to prevent it, unless they were to stop any application from reading the user's contact database - which would mean that many legitimate applications would be impossible.

  5. Disintegrationnotallowed

    Interesting

    That the headline is about Apple and not Android, anyhoo the only real story here is that someone managed to do something bad with a completely legal use of the app permissions, I am not sure what people expect Apple or Google do, av wouldn't help, so the only way to stop this is to stop the whole ability for a phone to send/sync its contacts anywhere.

    I guess el reg will hope to get lots of links from that bait

    1. sabroni Silver badge

      Re: Interesting

      Not really, as the text of the article states this is the first piece of malware to make it onto Apples' App Store. Google play, on the other hand, is full of the stuff....

  6. Ivan Headache
    Unhappy

    Could this be the reason

    I've been receiving lots of SMS spam this week?

    I don't normally get any, then about 3 weeks back there were odd ones appearing every couple of days. In the last week (up to yesterday) it increased dramatically.

    1. frank ly
      Meh

      Re: Could this be the reason

      SMS spammers get their 'targets' from a variety of sources, including just making numbers up to see if they work. What you must not do is reply in any way, even to send 'STOP' back to them. If you do, then you will confirm that their spam has been read and they will multiply their efforts and also pass your number along to other spammers.

    2. Anonymous Coward
      Anonymous Coward

      Re: Could this be the reason

      The spam in this case was only promoting the app.

      I too get all sorts of spam too, usually the "Free Msg; Our records indicate…" kind which are unrelated to this.

      As the poster above those companies just send those to everyone.

  7. John Tserkezis

    Bug my arse

    Kinda like I accedently slipped and got her pregnant. Oops.

  8. PJL500

    OK, it's worse than

    Viber

  9. Michael Driver

    What? I thought Apple was IMPERVIOUS to malware! Just ask them. Ask the Apple fanboys.

    1. Anonymous Coward
      Anonymous Coward

      Hehe

      Felt for the click bait and missed the android part and the whole "is it malware?" discussion. Berk.

  10. Ascy

    Really the only malware to make it past the review process?

    "The app is mostly likely the first piece of malware to make it past Apple's censors and reviewers..." And your basis for making this claim is?

  11. Anonymous Coward
    Anonymous Coward

    the iSheep will defend and deny...

  12. Dan 55 Silver badge

    What's the difference between this and WhatsApp or Viber...?

    I've been on the receiving end of SMS messages inviting me to download both of them...

  13. Anonymous Coward
    Thumb Down

    Thought this was about Facebook...

    Little difference TBH.

  14. Anonymous Coward
    Anonymous Coward

    "Bug" is the new "just following orders"

    "Russian blog AppleInsider.ru got in touch with the developers of Find And Call via its tech support. The programmers claimed the SMS-sending feature (which has unsurprisingly drawn a number of complaints) was a bug"

    I LOLed. It's a bug when you're found out, eh, Mark Zuckerburg?

This topic is closed for new posts.

Other stories you might like