Malware Alert! CamScanner infected with Trojan Dropper

by August 29, 2019 0 comments

If you are a hefty user of CamScanner, beware! Google has removed the CamScanner from its Play Store after security researchers at the Kaspersky claimed that the pdf converter contains an advertising bug that automatically sign-ups users for paid subscriptions. CamScanner converts a smartphone into a portable scanner helping users scan texts, pdf, etc.

‘CamScanner was actually a legitimate app, with no malicious intentions whatsoever, for quite some time. It used ads for monetization and even allowed in-app purchases. However, at some point, that changed, and recent versions of the app shipped with an advertising library containing a malicious module,’ Kaspersky said in a blog post.

According to researchers at Kaspersky, the latest Android version of CamScanner is infected with a Trojan Dropper, shows intrusive ads to users and is capable to sign up for paid memberships. CamScanner has over 100 million downloads before it was being taken down by Google.

The module, technically called as Trojan-Dropper.AndroidOS.Necro.n, was also present in some pre-installed apps on Chinese smartphones. According to Kaspersky researchers, the module can extract and run another malicious module from an encrypted file that’s present in the app’s resources. The advertising malware detected on CamScanner is a ‘dropped’ malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment.

A few CamScanner app users have reported app performing suspiciously and have left reviews on the app’s Google Play page with warnings to avoid the app.

The app developers have claimed that they have got rid of the malicious code by updating the app, keep in mind, though, that there could be various versions of the app for different devices, and a few of them might still contain malicious code.

While the Google Play Store is generally considered safe for downloading apps as Google also runs a variety of check on them, however, at times malware distributors still push their apps into Google Play.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.