Kaspersky Lab recently reported that they were contacted about an app called Find & Call, available in both Google Play and the Apple App Store, that was secretly storing data from users’ address books and sending that information to the app developer’s server. The server then used this information to send spam advertising the application to the users’ contacts, with the from field set to the user’s mobile number.
The report by Kaspersky Lab states that they initially believed it was an SMS worm that was sending these messages to all the users’ contacts; however, after researching the situation, they discovered that it was a Trojan horse that was uploading the users’ phonebook to a remote server. They explain that the replication part was carried out by the server, which sent SMS messages containing the application’s URL. Upon installation of the app, a user was prompted to fill in their mobile number as well as their e-mail address. The report states, “If user launches this application he will be asked to register in the app using his email address and cell phone number (both fields won’t be checked for validity). If user wants to ‘find friends in a phone book’ his phone book data will be secretly (no EULA/ terms of usage/notifications) uploaded to remote server. Malware in the Google Play is nothing new but it’s the first case that we’ve seen malware in the Apple App Store. It is worth mentioning that there have not been any incidents of malware inside the iOS Apple App Store since its launch 5 years ago. But the main issue here is user’s privacy again. It’s not for the first time when we see incidents related to user’s personal data and its leakage. And it’s for the first time when we have confirmed case of malicious usage of such data.”