For the first time, a malware was found in the iOS App Store in Apple's App Store. Besides, malware app named "Find and Call" was found in the Android Google Play too. The Kaspersky Lab claims that both apps have been removed from their respective official stores.
According to reports, an analysis of the iOS and Android versions of the same app proved that it was a Trojan which had the ability to upload user's phonebook information to a remote server. Both apps were able to upload the user's GPS coordinates to the same server which is actually the most common task performed by both malicious and legal apps. The app needed the user's e-mail address and phone number during the registration. The app stole the user's phonebook information to message spam campaigns. Both apps were detected as Trojan.AndroidOS.Fidall.a and Trojan.IphoneOS.Fidall.a.
It is reported that the Russian blog AppleInsider.ru was able to connect with the app's author. The author claimed that system was in process of beta-testing. "In result of failure of one of the components there is a spontaneous sending of inviting SMS messages. This bug is in process of fixing. SMS are sent by the system, that is why it won't affect your mobile account," said the app author via translated e-mail.
The site claims that malware in the Google Play is nothing new while it is the first time a malware has been found in an Apple App Store. Back in April, a malicious version of Angry Birds was discovered putting smartphones and tablets at risk. The SophosLabs had detected a Trojan which was identified as Andr/KongFu-L. The bug appeared to be a completely functional edition of the most popular game. It used the GingerBreak program to grant itself root access to the device and then installed malicious codes.
"It is worth mentioning that there have not been any incidents of malware inside the iOS Apple App Store since its launch in 5 years ago, "explains Kaspersky Lab on its SecureList blog.