Russian information security vendor Kaspersky Lab revealed on Thursday (August July 5) that a malicious program named "Find and Call" was simultaneously stored in Apple's App Store and Google Play mobile App Store, this malware will steal the user's contact list and send spam messages, which is the first malicious program in App Store. Apple and Google have already removed this program.
Find and Call is a Russian language program that allows you to search for user contact lists and make phone calls. Kaspersky Lab is investigating after receiving a notification from a Russian mobile manufacturer. Denis Maslennikov, a security expert, explains that "Find and Call" is a trojan program that uploads users' GPS coordinates and their contact lists to remote servers, then, the remote server sends spam messages containing the download link of the program to these contacts, and the sender of the text message is the infected user.
In addition, the "Find and Call" function requires users to enter their phone numbers and email accounts. The website also requires users to enter their social network accounts and provide PayPal recharge functions.
Maslennikov said that malicious programs on Google Play are nothing new, but this is the first time they have discovered malicious programs on the App Store. In addition, even if many users have seen Personal Data leaks, this is the first time that user data has been leaked and abused.
Both App Store and Google Play remove Find and Call from the App Store on the same day that the message was exposed.