Trojan Horses are nothing new to Android, and now the iOS is never complete clean any more. Kaspersky Lab expert Denis Maslennikov has confirmed the discovery of first trojan on iOS, it was found in a Russion app canlled “Find and Call” which was on the App Store. It will upload users’ contact lists to a remote server, and then send SMS spams.
“Find and Call” was available on both the App Store and Google Play. My search of the App Store confirmed the app is still available for download.
“Find and Call” doesn’t cause harm to the user’s phone instead it uploads the user’s phonebook to a remote server. The remote server sends spam SMS messages to all of your contacts with a download link to the application. The spam SMS messages contained the user’s number in the from field so it looks to the recipient as if the message is from a trusted source.
In his blog Maslennikov writes:
”If user launches this application he will be asked to register in the app using his email address and cell phone number (both fields won’t be checked for validity). If user wants to ‘find friends in a phone book’ his phone book data will be secretly (no EULA/ terms of usage/notifications) uploaded to remote server”
Maslennikov includes a small FAQ at the end of his post:
1. Are these apps malicious?
Both apps upload user’s phone book to remote server and use it for SMS spam. That’s why we detect them as Trojan.AndroidOS.Fidall.a and Trojan.IphoneOS.Fidall.a
3. Who created them?
Good question. There are actually some more interesting details. The website of this app allows you (after logging in to your account) to ‘enter’ your social network accounts, mail accounts (it seems that these details will also be used) and even PayPal (!) to add money to your account.
It looks like Apple has removed “Find and Call” from the App Store, and has issued this statement to The Loop:
“The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines,”
If you have got this app in your device now, you know how to deal it now.