WeatherFist mobile app duped 8000 iPhone and Android users into joining smartphone botnet

At RSA Conference, a report by Kelly Jackson Higgins, Derek Brown and Daniel Tijerina revealed ‘they created a smartphone application called “WeatherFist” which grabbed information from 8000 smartphone users, including their GPS co-ordinates and telephone numbers, before displaying local weather information. Tijerina and Brown chose not to distribute their app via the official iPhone and […]

At RSA Conference, a report by Kelly Jackson Higgins, Derek Brown and Daniel Tijerina revealed ‘they created a smartphone application called “WeatherFist” which grabbed information from 8000 smartphone users, including their GPS co-ordinates and telephone numbers, before displaying local weather information. Tijerina and Brown chose not to distribute their app via the official iPhone and Android application stores, presumably because they believed it might not be successful. Instead they distributed WeatherFist app via third party app markets like Cydia, SlideME and Modmyi, meaning that it could only be installed on jailbroken iPhones or Android devices where users had specifically given permission for non-approved applications to be run. They also claim have wrote a malicious version of WeatherFist application, dubbed WeatherFistBadMonkey. According to DarkReading, malicious WeatherFistBadMonkey app behaves more like traditional botnet code, stealing information and capable of distributing spam,” reports Sophos.

[Source]