Apple App Store Proven Vulnerable For The First Time- Spam App Repulsed

Russian security firm Kaspersky Lab has reported to be warned against an app available in the Apple app Store recently.  The app was silently gathering users' address book contacts and transferring the data to the developer's servers. When delivered, the developers; systems were then sending text messages to the contacts, wherein they advertised the app. However the “From” field was being filled with the phone number of the original user. Soon after the release of the report, several updates have been made, noting that the spam invites were also being sent via email. One of the users claims to have got in touch with the app author, who on the other hand claims that the personal data transfer is just a bug. Obviously, the explanation certainly appears to be suspect.

The app titled as Find and Call was primarily targeted to the Russian users while the app description was in Russian language. However, Find and Call was available in the app Stores all over the world. It is worth mentioning that there have not been any cases of malware inside the iOS Apple App Store since its launch 5 years ago. According to the report, it is not the first fact of personal information inappropriate transfer by App Store apps, but appears to be the first time that such information has been used for malicious spamming purposes. 

Apple has been considering setting restrictions for third-party apps' access to personal data, and now it seems the company will roll out enhanced, thus stricter permission requirements in iOS 6 to alert users when their data is being accessed. Soon after the report release Apple issued a statement, announcing that Find and Call has been removed from the Apple App Store. 

According to Apple’s spokesperson “The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines.” We checked and the links to the app in the U.S. and Russian App Stores show that it is unavailable. However, the app dos exist for quite some time, as it debuted in the App Store on June 13th.



Blog Archive