A mobile Trojan that covertly delivers mobile phone location data and contact details has become available on Apple’s App Store.
The malware, which has now been pulled, was found inside an app called Find And Call and was discovered by anti-virus firm Kaspersky Lab following a request by Russian mobile phone network MegaFon, the Register reports.
It sent the data to spammers through a ‘find your friends’ feature, which automatically uploaded the information to servers run by the makers of the app without the consent of the end user.
It was also found on the Google Play marketplace – used by owners of Android-powered devices – and then sent out text messages to contacts taken from infected phones in a bid to encourage other iPhone owners to download the app.
Both Apple and Google have pulled the software – which was produced by Russian developers – from their stores.
Smartphone security is becoming more of a concern as the capabilities of the devices increases and IDC Financial Insights recently urged firms to tighten up security loopholes as more and more people use their phones to carry out mobile banking and make payments.
Posted by Peter Robinson