Anti-virus software company Kaspersky Lab is warning of an application that secretly uploads a user’s phonebook to a remote server, from where ‘spam’ SMS messages are sent.
The app, called ‘Find and Call’, was available in iOS and Android versions via the Apple App Store and Google Play. It now appears to have been removed.
Customers who install the app - which appears to be an address book - will find that their contacts all receive a text message inviting them to download the app. The message shows the original customer’s mobile number as the sender.
The developer has told a Russian blog that the SMS messages are a ‘bug’ it is in the process of fixing.
Although malware is regularly found (and removed from) Google Play, Kaspersky’s securelist.com blog says there have not been any previous incidents of malware inside the iOS Apple App Store since its launch.