Apple, Google threw out malicious: Find and Call

Apple has removed the malicious app that made its way into Apple's App Store last week. App named as 'Find and Call' was one of the rarest malware in App-store in last four years since it has been launched. This app also made its way it Android play store as well, and after its detection as malware Google also threw it out of the store.

Kaspersky Lab discovered the app "Find and Call," which includes a Trojan to do the dirty work. Once the user launches the app, "he will be asked to register in the app using his email address and cellphone number (both fields won’t be checked for validity). If user wants to 'find friends in a phone book' his phone book data will be secretly (no EULA/ terms of usage/notifications) uploaded" to a remote server.

The application steals data from the device (phone book and cellphone numbers) which are uploaded to a remote server to be used for SMS spam campaigns. Each phone book entry will receive SMS spam message offering to click on the URL and download this ‘Find and Call’ application. It is worth mentioning that the ‘from’ field contains the user’s cellphone number. In other words, people will receive an SMS spam message from a trusted source.

Be aware to get that app deleted from your device if you have that anymore downloaded on your device.

-CB