Security researchers have discovered a malicious application in the Apple App Store and Google Play marketplace.
The suspicious program, dubbed Find and Call, uploads users' phonebook contacts to a remote server and sends out SMS spam, Kaspersky reported.
The application also prompts users to enter their email logins, social network details and PayPal information.
"The Find & Call app has been removed from the App Store due to its unauthorised use of users' Address Book data, a violation of App Store guidelines," Apple told MacWorld.
The program is no longer available from Google's Play store as well.