Apple’s spotless record of keeping the App Store clear of malicious spam apps has been tarnished. Researchers at Kaspersky have discovered an app called “Find and Call” in Apple’s iOS App Store and the Google Play marketplace, Forbes noted on Thursday. The malicious app masquerades as a tool for simplifying contact lists but it instead uploads a user’s full contact list to a remote server and proceeds to send SMS and email spam to every person in the list. “It’s not for the first time when we see incidents related to user’s personal data and its leakage,” Kaspersky’s Denis Maslennikov wrote in a post on the company’s blog. “It’s for the first time when we have a confirmed case of malicious usage of such data… Yes, these pieces of malware are not that ‘cybercriminalistic’. But malware is malware and in this case it steals user’s phone book and uses it for SMS spam.”
UPDATE: Apple has pulled “Find and Call” from the App Store.