Malware found in Apple's app store

An application available for Apple and Google’s mobile operating systems steals the user’s contacts list with the purpose of texting spam, according to a report.

Apple App Store

The report issued this week claims it is the first malware to appear in Apple’s App Store.

The app, called “Find and Call”, passes itself off as a mobile phone book application, but users who download and use the app will have all of their contacts uploaded to a remote server, according to a post from the Kaspersky Lab security blogger Denis Maslennikov. Once the app uploads the user’s contacts, it sends text messages to all of the contacts that appears to be from the infected phone’s number, with a link to download the app.

Maslennikov traced the app’s creation to a website for a Singapore-based company, which seeks even more information about visitors, including PayPal information.

This type of malicious software, called a Trojan, has appeared in Android’s Google Play store before, Maslennikov reported, but “it’s the first case that we’ve seen malware in the Apple App Store,” he wrote.

Apple and Google were notified of the malware app available in their stores by Kaspersky. In the Google Play store, the app had more than 100 downloads and three one-star ratings, while advertising “Free calls from your mobile phone to domains, email, Skype, social networks. Forget about numbers!!!” In Apple’s App Store, the app received 1.5 stars.

Apple did not immediately respond to an email request for verification and comment. Google does not comment on specific apps.

The malware app adds to problems for Apple’s popular app store after users receiving updates for apps in recent days suffered through their apps crashing immediately after launching them.