Apple Pulls Russian SMS Spam App from App Store [Updated]

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jul 5, 2012.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Earlier today, Russian security firm Kaspersky Lab reported that it had been alerted to an app available in both Apple's App Store and the Google Play store for Android that was quietly harvesting users' address book contacts and sending them to the developer's servers. The developer's systems were then sending text messages to those contacts advertising the application, with the "From" field being spoofed with the original user's mobile phone number.

    [​IMG]


    The application, Find and Call, ended up primarily targeting Russian users due to its use of the Russian language in the app description, but the app was available in App Stores around the world. The report notes that while there have been previous incidents of personal information being transmitted inappropriately from App Store apps, this appears to be the first time that such information has been used in a malicious manner.
    In several updates to the original post, Kaspersky Lab notes that spam invites are also being sent via email. One user was also able to get in touch with the application's author, who claims that the behavior is a bug, although the explanation certainly appears to be suspect.

    It now appears that Apple has removed Find and Call from the App Store, as links to the app in the U.S. and Russian App Stores show that it is unavailable. The app did exist for some time, however, as it debuted in the App Store on June 13.

    Apple has been working to limit third-party apps' access to personal data, and will be rolling out enhanced permission requirements in iOS 6 to alert users when their data is being accessed.

    Update: Apple has issued a statement to The Loop acknowledging that it has pulled the app.
    Article Link: Apple Pulls Russian SMS Spam App from App Store [Updated]
     
  2. macrumors 65816

    Joined:
    Jul 24, 2007
    #2
    I hope apple uses it's "kill switch" to delete this app from those phones that have already downloaded the app.
     
  3. macrumors 68020

    ouimetnick

    Joined:
    Aug 28, 2008
    Location:
    Beverly, Massachusetts
    #3
    In this case, thats a good idea. If all the app does is spam, spam, and spam, then kill it. Was this a free app? If not, they should take the money from the developer's account (if he has received it already) and return it to the people who downloaded this app.
     
  4. macrumors 6502

    RoelJuun

    Joined:
    Aug 31, 2010
    Location:
    Netherlands
    #4
    The first question that pops up in my mind is; how got it in the app store in the first place.
     
  5. macrumors member

    Joined:
    Feb 29, 2012
    #5
    Those damn spam bugs! :rolleyes:
     
  6. macrumors 6502a

    Mad-B-One

    Joined:
    Jun 24, 2011
    Location:
    Southern Plains
    #6
    By the current number of Apps available and the security flaws (or holes) in up to iOS 5.1.1, it was just a matter of time this would happen. I imagine it is pretty easy: You submit a clean version of an App and one of the updates contains the exploiting parts. I doubt that the functionality will be checked well enough that this would be rejected.

    Bad news: someone gave an example what you can do with the current settings.

    Good news: Companies like Kaspersky Labs know what to look for.
     
  7. macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #7
    Yeah. Although Apple never used the kill switch before, this would be a good case for it.

    The developer probably wasn't spamming its users until it was approved.
     
  8. macrumors 6502a

    TsunamiTheClown

    Joined:
    Apr 28, 2011
    Location:
    Fiery+Cross+Reef
    #8
    the Jig is up pal
     
  9. macrumors 6502a

    Winter Charm

    Joined:
    Jul 31, 2008
    #9
    I agree... This doesn't bode well for anyone :p
    Here would be a great place to exercise the kill switch.
     
  10. darkslide29, Jul 5, 2012
    Last edited: Jul 5, 2012

    macrumors 65816

    Joined:
    Oct 5, 2011
    Location:
    San Francisco, California
    #10
    Oh how I would hate to be that Quality Assurance Tester that signed off and accidentally let this one slip by. Especially if this really is the first incident in five years, as the article states.

    But thinking about it further, there are a lot of apps that access the entire address book. A game like Words with Friends can access the address book, they just are trusted to NOT spam. This app probably went through, and the developer is being a **** by spamming after the fact.
    If that's the case, I don't know how this can be stopped during the approval process.

    Unless it's easy to see when an app is uploading address books to an outside server..
    So many questions..
     
  11. macrumors 6502a

    Mad-B-One

    Joined:
    Jun 24, 2011
    Location:
    Southern Plains
    #11
    Yea, right: "I got all that contact info and didn't know what to do. So, I started to advertise my App to them impersonating you. That clearly was a bug!"

    It's like the situation where the husband walks in on the pool boy and his wife: "Oh, I understand! She was changing, you were taking a leak and when you stumbled, you both tripped 10 feet and landed naked on top of each other in the bed. Time for you to accidently fall 20 times backwards into my kitchen knife! Surely no problem for someone that clumsy."
     
  12. macrumors 6502a

    chainprayer

    Joined:
    Feb 10, 2008
    #12
    Is it just me, or is anyone else wanting to see the kill switch in action? :p
     
  13. macrumors member

    tubular

    Joined:
    Oct 19, 2011
    #13
    I've had iOS malware

    Why are people acting like there hasn't been malware on the iPhone before? About two months ago, I had malware that quietly changed whatever phone number was the top of my Favorites list to a 1-800 number I didn't recognize. Delete that entry from my Favorites list, and two seconds later, whatever the new top number was on my Favorites changed to that 1-800 number. I ended up wiping and reinstalling iOS, and the problem went away.

    This started up after I got a spam SMS message.

    Anybody else seen this?
     
  14. macrumors regular

    Joined:
    Feb 16, 2011
    #14
    Sounds like Facebook.
     
  15. macrumors 68020

    Joined:
    Mar 11, 2009
    #15
    The only way i can make it through the day without suicide is convincing myself that people like you are just trolls.
     
  16. macrumors member

    Joined:
    Feb 29, 2012
    #16
    ...
     

    Attached Files:

  17. macrumors 6502a

    Mad-B-One

    Joined:
    Jun 24, 2011
    Location:
    Southern Plains
    #17
    Do you have a JB phone?
     
  18. macrumors 65816

    Joined:
    Oct 5, 2011
    Location:
    San Francisco, California
    #18
    Funny, I got some malware last week. All of a sudden this app wiped all of the email addresses in my address book, and replaced them with an @facebook.com email address.

    Oh wait that was the official Facebook app and it's still up :p
     
  19. macrumors member

    tubular

    Joined:
    Oct 19, 2011
    #19
    phone not jailbroken

    Nope. That's why I was very surprised to see this. And it's why I'm hoping that iOS 6 does indeed firewall away the contacts list, so that apps can't juggle the Favorites list like that.
     
  20. macrumors 68040

    iSee

    Joined:
    Oct 25, 2004
    #20
    The reviewers aren't all-knowing. For an app like this they could have observed the following without rejecting the app:
    1. App accesses user's contacts (100% legitimate for an app of this nature)
    2. App communicates to app developer's server (many, many apps do this for legitimate reasons.

    It's not valid for an app to sends contact information to the app developer's server without user permission after an adequate and accurate disclosure. But of course the app could have sent that information in an encrypted form so that the app reviewers had no way to know that contacts were being sent or may have actually asked permission without revealing the intent to spam.

    And, obviously, no spam was sent until after the app had been reviewed.
     
  21. macrumors 65816

    VenusianSky

    Joined:
    Aug 28, 2008
    #21
    At this point, I am pretty much convinced that they are using artificial intelligence to approve apps. It was the approved "Microsoft Word 2012" that slipped into the App Store a couple weeks ago (and pulled later) that led me to this.
     
  22. macrumors 68000

    Blakjack

    Joined:
    Jun 23, 2009
    Location:
    Tallahassee Fl.
    #22
  23. macrumors 68040

    iSee

    Joined:
    Oct 25, 2004
    #23
    No, actually when he was shopping for his iPhone he bought a Samsung Android phone by mistake and still hasn't realized it. ;)
     
  24. macrumors 65816

    Joined:
    Oct 1, 2007
    #24
    and there goes the myth that ios is safer then android. Nice job for QA department
     
  25. macrumors 6502a

    TsunamiTheClown

    Joined:
    Apr 28, 2011
    Location:
    Fiery+Cross+Reef
    #25
    Oh i gotta say these guys are on it. They blew the cover on Flame too.
     

Share This Page