web analytics
yugatech x infinix pad

“Find and Call” Trojan hits the iTunes App Stores

People who think that downloading apps from the Google Play and iOS App Store is completely safe. Well, think again — the iTunes App Store gets its first trojan.

According to Kaspersky’s latest report, they’ve discussed some utterly alarming facts about an app called “Find and Call”. What may appear to be an SMS worm, is actually a trojan that sends a user’s contact lists to an online server — without the user’s knowledge whatsoever, basically stealing all of your contacts.

But wait! It gets worse…

From thereon, the server will then take advantage of all the contacts uploaded from your device to send out numerous SMS spam that includes a URL on where to download the app — which by the way, contains a message that seems to have been composed solely by you. Hoping to fool your friends, thus, aiding the further spread of the app.

“If user launches this application he will be asked to register in the app using his email address and cell phone number (both fields won’t be checked for validity). If user wants to ‘find friends in a phone book’ his phone book data will be secretly (no EULA/ terms of usage/notifications) uploaded to remote server” as stated by Denis, an expert from Kaspersky Labs.

Since the security/privacy breaching issue behind the ‘find and call’ app has been raised by Kaspersky Labs, the app is no longer available for downloads at the Google Play and iOS app stores.

In the corrupted realm of technology, no one is completely safe. Even the world’s most secure mobile platform — the Blackberry 7 OS, is still vulnerable to trojans and malware if a user of the device running it is recklessly installing apps from the app world. Then again, consumers won’t be able to download/find the forsaken app if the people at Research in Motion (RIM) has reviewed it properly right?

So this brings up the question: Who is to blame for the release of the “Find and Call” app?

Kaspersky has acknowledged the public that the Russian “Find and Call” app may not subject your Android or iOS device to bricking nor can it steal money from unsuspecting users, although, the app’s website appears to be asking users for social networking logins and PayPal account passwords in attempt to gain more personal info [probably] for financial motivations in the future (talk about phishing; how clever!).

{sources: TechGlued , ArsTechnica, SecureList}

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,118 other subscribers
Avatar for Kevin Go

Kevin is a blogger, avid gamer and always keeps himself updated with the latest trends in technology. He's still a bit shy so no Twitter and Facebook link here.

6 Responses

  1. Avatar for Karlo Tayab Karlo Tayab says:

    How come that these application had been available for iTunes and Google Play, does the iTunes and Google Play does not really filter the apps and make them available?.

  2. Avatar for Karlo Tayab Karlo Tayab says:

    How come that these application had been available for iTunes and Google Play, does the iTunes and Google Play does not really filter the apps and make them available?.

  3. Avatar for maclover maclover says:

    Good thing that there are lots of good apps at iTunes to get busy with that we are not affected by some unknown apps…

  4. Avatar for tarush tarush says:

    From Wikipedia:

    A Trojan horse, or Trojan, is a standalone malicious file or program that does not attempt to inject itself into other files unlike a computer virus and often masquerades as a legitimate file or program. Trojan horses can make copies of themselves, steal information, or harm their host computer systems.[1] The first and many current Trojan horses attempt to appear as helpful programs. Others rely on drive-by downloads in order to reach target computers.

  5. Avatar for maico maico says:

    itunes suck, Google Play Store is safer.

    • Avatar for yehey9 yehey9 says:

      haha.. as if it was not on Google play also.. read the whole story. not just the title..

Leave a Reply