Apple's app screening fails as malware app gets onto App Store A malicious app has found its way onto the Apple iOS App Store for iPhone and iPad. The app, named ‘Find and Call’ managed to get on the store despite Apple’s strict screening process. Kaspersky Lab discovered the Trojan which is widely considered to be the first malware found in the App Store.The security firm explained that the app was thought to be an SMS worm sending text messages to contacts with a url to the app itself. However, it later found that the Trojan uploads the user’s phonebook to a remote server to be used for spam text messages.Apple said: “The Find and Call app has been removed from the App Store due to its unauthorised use of users’ Address Book data, a violation of App Store guidelines.”Find and Call also made an appearance on the Google Play Store but has since been removed by the firm. Security firm Sophos doesn’t agree with Kaspersky that the app is actually malware. In its blog it points to the fact that the app has the same name across both stores, it has functionality and the Find and Call website is also not malicious.“It would probably be more accurate to say that the “Find and Call” app is “spammy” – as it leaks data all over the place in plain text via http (which means, of course, that the data could be intercepted and sniffed by someone wanting to snoop on you).” said Sophos. Follow Chris Martin and @PCAdvisor on Twitter. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe