Apple removes first trojan app to be listed in the App Store

If you’re not reaching, engaging, and monetizing customers on mobile, you’re likely losing them to someone else. Register now for the 8th annual MobileBeat, July 13-14, where the best and brightest will be exploring the latest strategies and tactics in the mobile space.


“Find and Call,” the first malicious app to make it into the  iOS App Store was removed today, after reports surfaced of it stealing address books and spamming contacts.

The app was first noticed by security researchers at Kaspersky Lab, according to Wired. It paraded as a utility app and a way to organize your contacts, when it was actually stealing the phone’s address book and targeting friends and family with spam messages and e-mails.

This utility category in the Android Google Play store, where the app was also listed, is known to have issues with malicious app entries. Security analysts often caution people to know what they’re downloading when purchasing a utility app.

The spam was effectively a marketing ploy. Once it gained access to the address book, it sent messages to contacts posing as the user, prompting them to download the app.  The developers did include a request for access to the address book, however, saying the user could find more friends using the address book feature.

According to Forbes, the issue only affected Russian iOS users, and the developer is claiming it was the result of a bug. Apple confirmed to Wired that the app was removed from the App Store due to this specific problem.

The issue appeared right around the same time Apple started distributing corrupt app updates to users of Instapaper, Angry Birds Space, and over 100 other apps. The two are undoubtedly unconnected, however.

hat tip Wired; Rolodex image via Shutterstock

VB's research team is studying mobile user acquisition... Chime in here, and we’ll share the results.