Kaspersky Labs has discovered a malware app called "Find and Call" lurking in the iTunes App Store and Google Play. The app uploads the user's contact list to a remote server and uses the information to spam contacts with text messages and emails from the user's accounts. Apple and Google Play have both removed the app after being notified of spam messages. It's notable that malware managed to slip through Apple's review process, but it isn't the first time that the iTunes App Store has proven vulnerable — though it may be the first time that live spamware made it through. There have been concerns about apps misusing address book data in the past, and this malware's presence in the app store will likely revive some of these worries. The good news, for Apple users at least, is that the company has promised to require explicit permission for address book access in iOS6.