Cybercriminals continue to develop malware of all kinds, seeking to overcome the security barriers imposed by companies. The main application distribution companies, Manzana Y Google, maintain controls over the content they make available to customers, but they are not always effective. In the case of Manzana Until now the system had been almost insurmountable, but it has become clear that its application validation is not perfect.
A Kaspersky researcher has alerted about an application that would compromise the security of users. Specifically, the application was in Google play and in the Apple App Store, which confirms that iOS users have also been susceptible to compromising the security of their data.
The application in question, which has already been retired, is called Find and Call. In principle, it is a tool to manage the address book, but Kaspersky has explained that it is a trojan. When executing the app, the system asks users for their email information and their phone number, but no notification is sent to verify the veracity of the same.
The trojan what it does is export the data of the users, telephone numbers and addresses to a remote server to be able to use them without express consent of the users. Thanks to the information previously collected, telephone number and addresses, the trojan it is capable of sending messages to the victim’s contacts by putting their information in the return address. In this way, spam messages are supposed to originate from a known source, which increases their effectiveness.
The application has already disappeared from the Apple App Store and of Google play. However, its appearance, for a short time, has been able to generate a large number of downloads. This is an example that the measures of Manzana Y Google They are not perfect and customers should exercise extreme caution.