Google Play Store detects malware in Android App with 100 million downloads

Thursday, 29 Aug, 2019

According to security research firm Kaspersky (via Tom's Guide): "However, at some point, that changed, and recent versions of the app shipped with an advertising library containing a malicious module".

"It can be assumed that the reason why this malware was added was the app developers' partnership with an unscrupulous advertiser", noted Kaspersky researchers Igor Golovin and Anton Kivva. Upon analyzing the app, the researchers found that the app utilized an advertising library that contained a malicious dropper component called Trojan-Dropper.AndroidOS.Necro.n.

We have often reported on malicious Android apps and how Google ends up removing those apps from the Play Store.

"It looks like app developers got rid of the malicious code with the latest update of CamScanner".

In the case of CamScanner, the malicious file has been identified as "Trojan-Dropper.AndroidOS.Necro.n". This is the module that does the dirty tricks, and one of the most unsafe things it does is sign up for paid subscriptions automatically. This can also allow malware authors to snoop on victims' activities and steal login credentials for social media and banking apps. CamScanner, an Android app with over 100M downloads, was found with malicious files. Google removed the app from the Play Store following the report; however, as I can see, the Android app is back on the Google Play Store. AndroidPolice conducted its own tests and concluded that the versions uploaded in August 2019 are free of malware, but the versions released between June 16, 2019, and July 25, 2019, all contain the malware.

Researchers have discovered two Google Play apps with more than 1.5 million downloads engaging in a new form of click fraud that drained batteries, slowed performance, and increased mobile data usage of infected phones. And, while the app has been booted off the Play Store, it's still available to iOS users. Intrusive ads are pesky, but no consumer wants to pay for subscriptions they never signed up for.

Our advice? CamScanner betrayed your trust, and it's time to switch to an app you won't have to worry about.