Google did a great job in March by cleaning up the Google Play store and getting rid of all the unwanted applications, but it appears it will have to do more. Android’s security flaws are known and well documented but even with the introduction of the new ‘Bouncer’ system, a number of malicious applications are still in Google Play, one being the “Find and Call” spam application that has also been a problem for iPhone users.
“Find and Call” is a malware that accesses the phonebook and uploads the contacts stored in the phone to a remote server. Once it has stolen the contacts, it will send spam messages to the numbers, encouraging the recipients to click on links and download the application. Although the application looks very harmless compared to other threats that Android users have had to deal with in the past, it is still a very serious issue and it is good that it has been discovered.
The “Find and Call” malware has already been removed from Google play but it seems to have wrecked quite some havoc amongst users who installed it. This spyware managed to make its way to the iOS system as well despite the iOS being praised as being more thorough in screening applications and being more secure than the Android OS.
Some bloggers and reviewers have referred to the finding of the “Find and Call” spammer in Apple’s App Store iOS’s biggest security breach ever, raising concerns as to whether Apple Store really is as secure as it is praised to be. App Store is often thought to be very organized and thorough in screening malwares before they get a spot on the App Store.
“Find and Call” malware was discovered by Kaspersky Labs after they were alerted of the ‘suspicious’ application by one of the most prominent Russian mobile carriers MegaFon. After analysis, the security experts from Kaspersky concluded that “Find and Call” was a trojan that accessed the phonebook and uploaded the contacts to remote servers.