Last Updated on by
Malware has always been a security concern for Android smartphones. Over the years Google has made the security of Android devices tighter. However, the problem looks to still present as a new malware has been found in the CamScanner Android application. The CamScanner app is very famous and it can scan any document with the smartphone’s camera. It has also more than 100 million downloads on Google Play Store.
Huge Malware Issue: CamScanner Android App
Researchers at the Kaspersky lab found the app which has so many downloads houses a malicious module. This malicious module then pushed ads and even downloaded apps stealthily on to the affected Android smartphones.
The researchers at the Kaspersky lab became aware of the malicious module after they were alerted for ‘suspicious behavior’ in the free version of the very popular CamScanner application. Many users left negative reviews about the application on Google Play Store. Kaspersky said about the matter,
CamScanner was actually a legitimate app, with no malicious intentions whatsoever, for quite some time. It used ads for monetization and even allowed in-app purchases. However, at some point, that changed, and recent versions of the app shipped with an advertising library containing a malicious module.
The malicious module present in the CamScanner application is Trojan-Dropper.AndroidOS.Necro.n – which is a Trojan-Dropper. This type of modules can run a second malicious component encrypted within the app itself. This Trojan dropper can also infect smartphones with other kinds of malware.
The Kaspersky team came to know that whenever the application starts the dropper then decrypted and executed the malicious code. The code is present inside a “mutter.zip” within the app itself. Then it downloaded encrypted code from a command-and-control server – “https://abc.abcdserver[.]com.”
Google has removed the app from the Google Play Store after Kaspersky reporting about the malware. The researchers also note that after this incident the developers of CamScanner have removed the malicious code from the latest version of the app.
This is not the first time Google is facing malware issues in the apps. In the past, they have removed many of the sketchy apps that had malware contents. However, they are not yet near to making the whole Android system malware proof anytime soon.
If you have been using the CamScanner application then it will be better to remove the application for now at least. As an alternative, you can try Microsoft’s Office Lens to scan documents. We also recommend to download apps from the Google Play Store and always checking what permissions the app is asking for.