For the first time in its history, malware has successfully made its way into an available app on the iOS App Store.
Wired reports that a Russian-language app called Find and Call was discovered to contain a Trojan virus that uploaded users’ address books to a remote server. It also spammed all phone and email contacts with links to the app and logged the handset’s GPS coordinates.
iOS apps are required to ask for permission before accessing address book data – something that Find and Call does, though it isn’t honest about how it intends to use the data.
It has since been removed from the App Store.
The app was also released on the Google Play Store (which, unlike Apple’s portal, is no stranger to cunningly concealed malware) from which it has since been removed.