First iOS App Store malware detected

iphone malware First iOS App Store malware detected

The first malware on Apple's iOS App Store has been detected, marking the latest in a series of security problems for the Cupertino, California-based company.

The first malware on Apple's iOS App Store has been detected, marking the latest in a series of security problems for the Cupertino, California-based company.

 
Russian security firm Kaspersky Lab found a trojan disguised as a Russian-language app called Find and Call in both Apple's App Store and Google Play, formerly the Android Market.
 
Once downloaded and installed, the malware grabs GPS coordinates and steals the user's address book, using the emails and phone numbers to send spam messages, recommending friends try out the Find and Call application. Since it appears to come from a genuine user, more people get sucked into the malware scheme.
 
“The Find and Call app has been removed from the App Store due to its unauthorised use of users' address book data, a violation of App Store guidelines,” said Trudy Muller, spokesperson for Apple. The app has also been removed from Google Play.
 
iphone malware First iOS App Store malware detected
 
Android has suffered with malicious apps for some time now, largely thanks to the openness of its platform, but Apple's closed approach to iOS has helped it evade disguised malware until now, making this break in Apple's security particularly significant.
 
The developer of the app claims the spam messages are the result of a bug, which is being fixed, but that explanation is unlikely to wash with many people. Even if the incident is genuinely an error, the bad press alone suggests that Apple and Google will be hesitant to reinstate the app.
 
Apple's reputation for producing devices and software with high security has taken several knocks recently. A backdoor in Mac OS X is being exploited to target activists, while Apple itself has removed its security guarantee as it finds the popularity of its products drawing the eyes of more hackers, spammers and cybercriminals.
 
Source: Wired