CamScanner Android App: More Android malware found on the Google Play app store.
Researchers from Kaspersky Lab said they found an application with 100 million downloads that hosted a malicious module that was sending advertisements or illegally downloading apps onto Android devices.
The malicious element was found by researchers after they were notified of "suspicious behavior" in the free version of the popular scanning application CamScanner, following a host of negative comments from users about its validity.
"CamScanner was actually a lawful application, without malware, for quite some time," notes Kaspersky. "It used ads for monetization and started allowing in-app purchases. However, at some point this changed, and recent versions of the app are sending ads containing a malicious section."
This section, identified as Trojan-Dropper.AndroidOS.Necro.n, is a trojan dropper, which means it can extract and execute a second malicious item that is stored encrypted within the application. This trojan downloader can be used to infect devices with other types of malware.
Kaspersky researchers found that when CamScanner runs, the dropper decrypts and executes malicious code contained in a "mutter.zip" file within the application, then downloads encrypted code from a server at "https://ervc.abserver.abserver[.]com".
"The above Trojan-Dropper.AndroidOS.Necro.n features perform the main function of malware: download and boot a load from malicious servers," the researchers said. "As a result, unit owners can use an infected device to their advantage in any way they see fit, such as stealing money from the victim's account or charging for paid subscriptions."
Google removed the app from the Play Store following the release of Kaspersky's findings, but the app's developers confirm that they removed the malware in their latest update.
Problems like this are plaguing the Play Store
Hackers can hide their true intent and slip malicious code past the Google app review process.
If you're using CamScanner, you might want to consider switching to alternatives such as Microsoft OneNote, Google Drive or Apple Notes.
While sticking to the Play Store is still the safest way to download apps, make sure you check their permissions and reviews, and download them only if absolutely necessary for your day-to-day needs.