CamScanner, one of the most popular phone PDF creator apps with 100 million downloads, is reportedly affected by hidden malware.
Cybersecurity firm Kaspersky recently found malware in the latest version of CamScanner, and the app has now been removed from Google Play. So if you have already installed CamScanner, uninstall it right now.
According to Kaspersky, “CamScanner was actually a legitimate app, with no malicious intentions whatsoever, for quite some time. It used ads for monetization and even allowed in-app purchases. However, at some point, that changed, and recent versions of the app shipped with an advertising library containing a malicious module.”
The detected malicious module was Trojan-Dropper.AndroidOS.Necro.n, which is usually seen in some apps preinstalled on Chinese smartphones. This module extracts and runs another malicious module from an encrypted file included in the app’s resources. This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment. As a result, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions.
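The dropper described above hides its second stage in an encrypted file among the app's resources. As an added triage example (not Kaspersky's detection method and not code from the original article), the following Python flags resource files in an APK whose byte entropy is close to random and that carry no known compressed-format header. The threshold, the directory list, and the sample archive are assumptions constructed for illustration.

```python
import hashlib
import io
import math
import zipfile
from collections import Counter

# Formats that are legitimately high-entropy because they are already compressed.
KNOWN_MAGIC = (b"\x89PNG", b"\xff\xd8\xff", b"PK\x03\x04", b"\x1f\x8b", b"OggS")
RESOURCE_DIRS = ("assets/", "res/raw/")  # assumed places a payload could be bundled

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8.0 look like random (encrypted) data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspicious_resources(apk_bytes: bytes, threshold: float = 7.5, min_size: int = 1024):
    """Return [(name, entropy)] for opaque high-entropy files in resource dirs."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if info.is_dir() or not info.filename.startswith(RESOURCE_DIRS):
                continue
            data = apk.read(info)
            if len(data) < min_size or data.startswith(KNOWN_MAGIC):
                continue  # too small to judge, or a recognised media/archive format
            h = shannon_entropy(data)
            if h >= threshold:
                hits.append((info.filename, round(h, 2)))
    return hits

def build_sample_apk() -> bytes:
    """Constructed sample: a zip laid out like an APK, with no real app content."""
    blob = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", "<manifest/>")
        z.writestr("assets/help.txt", "How to scan a document. " * 200)
        z.writestr("assets/icon.png", b"\x89PNG\r\n\x1a\n" + blob)
        z.writestr("assets/data.bin", blob)  # stands in for an encrypted payload
    return buf.getvalue()

if __name__ == "__main__":
    for name, h in suspicious_resources(build_sample_apk()):
        print(f"{name}: {h} bits/byte")
```

A hit is only a lead for manual review: legitimate apps also ship encrypted or custom-compressed assets, so the result has to be read alongside which library loads the file.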
Many users had already reported suspicious behavior they spotted in CamScanner and left reviews on the app’s Google Play page warning others to avoid the app.
As per the CamScanner statement, an advertisement SDK provided by a third party named AdHub has been reported to contain a malicious module that produces unauthorized advertising clicks. For now, they have removed all the ad SDKs not certified by Google Play, and a new version is to be released soon. The company has also taken immediate legal action against AdHub.
The malware affects only the Android version; the iOS version is still available on the App Store, probably because of Apple’s strict app vetting policies.
Even the official app store is not 100% safe for downloading apps, and Google Play moderators fail to check each app update, as millions of apps in Google Play are updated frequently.
This CamScanner incident sends a clear message: even if an app is popular, has millions of downloads, or has good ratings and reviews, every app is just one update away from turning into malware.
We can’t do anything about it; just install a good antivirus for Android and scan your smartphone from time to time.