Apple Pulls Russian SMS Spam App from App Store [Updated]

by

Earlier today, Russian security firm Kaspersky Lab reported that it had been alerted to an app available in both Apple's App Store and the Google Play store for Android that was quietly harvesting users' address book contacts and sending them to the developer's servers. The developer's systems were then sending text messages to those contacts advertising the application, with the "From" field being spoofed with the original user's mobile phone number.

find and call
The application, Find and Call, ended up primarily targeting Russian users due to its use of the Russian language in the app description, but the app was available in App Stores around the world. The report notes that while there have been previous incidents of personal information being transmitted inappropriately from App Store apps, this appears to be the first time that such information has been used in a malicious manner.

Malware in the Google Play is nothing new but it’s the first case that we’ve seen malware in the Apple App Store. It is worth mentioning that there have not been any incidents of malware inside the iOS Apple App Store since its launch 5 years ago. But the main issue here is user’s privacy again. It’s not for the first time when we see incidents related to user’s personal data and its leakage. And it’s for the first time when we have confirmed case of malicious usage of such data.

In several updates to the original post, Kaspersky Lab notes that spam invites are also being sent via email. One user was also able to get in touch with the application's author, who claims that the behavior is a bug, although the explanation certainly appears to be suspect.

It now appears that Apple has removed Find and Call from the App Store, as links to the app in the U.S. and Russian App Stores show that it is unavailable. The app did exist for some time, however, as it debuted in the App Store on June 13.

Apple has been working to limit third-party apps' access to personal data, and will be rolling out enhanced permission requirements in iOS 6 to alert users when their data is being accessed.

Update: Apple has issued a statement to The Loop acknowledging that it has pulled the app.

“The Find & Call app has been removed from the App Store due to its unauthorized use of users’ Address Book data, a violation of App Store guidelines,” an Apple representative told The Loop.

Top Rated Comments

Richdmoore Avatar
Richdmoore
149 months ago
I hope apple uses it's "kill switch" to delete this app from those phones that have already downloaded the app.
Score: 35 Votes (Like | Disagree)
Skika Avatar
Skika
149 months ago
This would never have happened if Steve Jobs was still with us. :eek:
The only way i can make it through the day without suicide is convincing myself that people like you are just trolls.
Score: 21 Votes (Like | Disagree)
RoelJuun Avatar
RoelJuun
149 months ago
The first question that pops up in my mind is; how got it in the app store in the first place.
Score: 21 Votes (Like | Disagree)
Mad-B-One Avatar
Mad-B-One
149 months ago
Why are people acting like there hasn't been malware on the iPhone before? About two months ago, I had malware that quietly changed whatever phone number was the top of my Favorites list to a 1-800 number I didn't recognize. Delete that entry from my Favorites list, and two seconds later, whatever the new top number was on my Favorites changed to that 1-800 number. I ended up wiping and reinstalling iOS, and the problem went away.

This started up after I got a spam SMS message.

Anybody else seen this?

Do you have a JB phone?
Score: 18 Votes (Like | Disagree)
ouimetnick Avatar
ouimetnick
149 months ago
I hope apple uses it's "kill switch" to delete this app from those phones that have already downloaded the app.
In this case, thats a good idea. If all the app does is spam, spam, and spam, then kill it. Was this a free app? If not, they should take the money from the developer's account (if he has received it already) and return it to the people who downloaded this app.
Score: 17 Votes (Like | Disagree)
chainprayer Avatar
chainprayer
149 months ago
Is it just me, or is anyone else wanting to see the kill switch in action? :-P
Score: 16 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 17

iOS 17.2 Will Add These 12 New Features to Your iPhone

Friday December 1, 2023 12:19 pm PST by
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
Read Full Article
anker new xmas 1

Anker's Cyber Week Sale Enters Final Days With Up to 60% Off Sitewide

Friday December 1, 2023 12:05 pm PST by
Anker's Black Friday/Cyber Week event is entering its final days this weekend, and it's still offering up to 60 percent off sitewide. There are also a few "mystery boxes" that can include hundreds of dollars in savings, if you're willing to risk not knowing what you're buying ahead of time. All of these sales will end on December 3. Note: MacRumors is an affiliate partner with Anker. When you...
Read Full Article19 comments
top stories 2dec2023

Top Stories: iOS 17.1.2 Released, NameDrop Misinformation, and More

Saturday December 2, 2023 6:00 am PST by
Apple employees are back to work following a Thanksgiving break, and that means this week saw a number of new operating system updates for both public release and beta testing. This week also saw some misinformation about Apple's new NameDrop feature making the rounds, while Apple and Goldman Sachs appear to be on the verge of a break-up in their Apple Card and savings account partnership,...
Read Full Article31 comments
General Apps Messages

Green Bubbles on iPhone to Gain These 7 New Features Next Year

Thursday November 30, 2023 9:00 am PST by
Earlier this month, Apple announced that it will finally support RCS in the Messages app on the iPhone starting later next year. This change will result in several improvements to the messaging experience between iPhones and Android devices. RCS will become the new default standard for messaging between iPhones and Android devices, but these conversations will still have green bubbles like...
Read Full Article
m2 macbook air green

Get Apple's M2 MacBook Air and M3 MacBook Pro for Record Low Prices

Friday December 1, 2023 6:59 am PST by
Best Buy is discounting a collection of MacBook Air and MacBook Pro models to all-time low prices today. We're tracking these deals below in addition to great discounts on the Apple Pencil 2 and Apple Watch Ultra 1. MacBook Air Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the...
Read Full Article35 comments
iPhone 16 Mock Header Updated 1

iPhone 16 to Include Action Button Across Entire Lineup

Thursday November 30, 2023 4:08 pm PST by
The release of the iPhone 15 Pro and Pro Max saw the introduction of an entirely new user-configurable button known as the Action button, and now, MacRumors has seen extensive evidence confirming Apple is planning to include the Action button on the entire iPhone 16 range. Designs and plans for the Action button date back to at least 2021, as the button was intended for release alongside hapt...
Read Full Article121 comments