This morning, a Trojan Horse was found on the Apple App Store and the Google Play store. The app, which goes by the name ‘Find and Call’, will ask to access your contact book when installed. Once it has access, your contacts will be uploaded to a remote server. Once your contacts have been uploaded, they will receive an SMS that contains a download link for the app. What makes this even worse? The app will mask the SMS sent with your phone number, so your contacts will have a higher chance of downloading the app.
The app has been pulled from both Google Play and the iTunes App Store so it shouldn’t have the chance to infect any more devices. However, there is no word on what will happen to already infected devices. And while malware is popular in the Google Play store, this is the first time Apple has seen this type of attack.