Apple Pulls ‘Find and Call’ App Following Security Alert

| News

Apple has pulled the Find and Call app for iPhone from its App Store after a security alert from Kaspersky Labs described the app as a trojan. Renaming the app “Leak and Spam,” the security company said the app was uploading user address books to a remote server in order to spam those contacts with an SMS message.

Leak and Spam

Leak and Spam

“Our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan that uploads a user’s phone book to remote server,” the firm said in its alert. “The ‘replication’ part is done by the server - SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book.”

The app was available on both Apple’s App Store and Google’s Google Play, and Kaspersky Labs said that both versions were engaging in the Leak and Spam behavior. As of this writing, the app was not available on either store.

The firm was originally alerted by Russian mobile carrier MegaFon. The company had noticed suspicious activity by the app, passing along a warning that it could be a worm.

Social networking apps took heat for uploading user address books without expressly stating their intentions to do so, but there was no direct spam associated with those incidents. While grabbing address books without permission had long been against Apple’s developer code of conduct, Apple said in February that it would begin requiring explicit permission at the OS level in the future.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

ilikeimac

The good news here is that Apple seems to have reacted quickly, at least relative to the Kaspersky report. I can only hope they’re as quick at updating the Safari Safe Downloads List and Mountain Lion’s list of revoked developer certificates for Gatekeeper.

I also hope the Apple will prosecute the developers responsible for this. Since they have to be registered with Apple to submit apps, one would hope Apple can find them and, if nothing else, sue for breach of the developer agreement.

EDIT: Also, I can’t believe I didn’t think of it before, but does anyone know if iOS has a Gatekeeper-like feature such that Apple can revoke a certificate and prevent this app from running on phones that already have it installed? I’m pretty sure this question has come up before and the consensus is that this would be a Bad Thing in general, but this is a case where Apple could justifiably weild that power for good.

jbruni

Also, I can?t believe I didn?t think of it before, but does anyone know if iOS has a Gatekeeper-like feature such that Apple can revoke a certificate and prevent this app from running on phones that already have it installed?


Yes, it’s called a kill switch.


http://www.macworld.com/article/1134930/iphone_killswitch.html

ilikeimac

Thanks for the link. I had a vague memory of that, but I was hazy on whether Apple had ever confirmed it and how powerful it was. Still seems kinda vague but I guess the safe assumption is that it uses certificate revocation like Gatekeeper.

Log-in to comment