Malware Found in a widely popular App “CamScanner”
Google play store is mostly considered as a safe haven for downloading any kind of software. But nowadays, nothing is 100% safe and most of the attackers are trying to generate new-new techniques to place their apps in Google Play.
The malware was found on an application which is already present on Google Play and has more than 100 million downloads on Google Play store. This malware was found in the free version of CamScanner and this application is highly-popular Phone PDF creator.
Be safe! Just uninstall the CamScanner app from your Android device now if it is installed in your phone. Google play has already removed the application from its official Play Store.
Researchers found a hidden Trojan-Dropper module within the application that could allow remote attackers to secretly download and install malicious program on users’ Android devices without their knowledge.
This malicious module is not present in the code of CamScanner Android app but it is a part of a 3rd-party advertising library that was recently introduced in the PDF creator app.
This malware was discovered by Kaspersky security researchers and the issue was noticed when many CamScanner users spotted suspicious behavior and posted a lot of negative reviews on the Google Play Store over the past few months.
In the analysis of the malicious Trojan-Dropper module, it was revealed that the same component was observed in some applications which are pre-installed on Chinese smartphones.
“ The module extracts and runs another malicious module from an encrypted file included in the app’s resources,” Kaspersky security researchers warned.
The Researchers reported about this malware to the Google and they removed the CamScanner app from Play Store, but they said that “ it looks like app developers got rid of malicious code with the latest update of CamScanner.”
The researchers also said, “ that versions of the app vary for different devices, and some of them may still contain any malicious code ”.
The paid version of the CamScanner app doesn’t include the 3rd-party advertising library and thus there is no malicious module in this version of CamScanner and is still available on the Google Play Store.
The problem is that even such a powerful company as Google can’t thoroughly check all the apps which are present on the Play Store and most of the apps are updated regularly, so the job of Google Play employee’s is never done.
That’s why it is always advised to keep a good antivirus app on your Android device that can detect and block such malicious activities before they infect your device. Always look at the reviews of the app which are left by the other users who have already downloaded the app, and also verify the permissions before installing any app and grant only those permissions that are relevant for that application.