Having a well-vetted App Store is a competitive advantage for iOS devices, but that edge has taken a slight tarnish lately with a revelation from security firm Kaspersky Labs that an app made its way past Apple’s vetting process. The app Find and Call was advertised as a way to easily search through telephone directories for your friend’s numbers, but as an unwanted extra it sent spam text and email messages advertising the app to contacts in the user’s address book while uploading the iPhone’s Contacts information (including email addresses) to the developer’s servers.
The app was primarily aimed at Russian markets (the app description page was written in Russian) but was available to users worldwide. The developers claim that the unwanted behavior is a bug, but this claim is a shaky one considering the deliberate, targeted behavior of the app. While no immediate harm was done, the app did violate the iTunes App Store terms and annoyed more than a few recipients of the spam ads. The app was apparently in the wide for some time; it first appeared in iTunes June 13 and was taken down recently. The app was also released for Android and was removed from Google Play’s Android app market recently as well.
In an attempt to prevent this sort of malfeasance Apple has announced tighter access controls as a part of the upcoming iOS 6 release, as well as tighter policing of apps in iTunes.