CamScanner app has been deleted by Google from Play Store.
The IT security researchers at Kaspersky have discovered a dangerous malware in the CamScanner app, a tremendously popular application for Android devices used by more than 100 million users around the world.
The purpose of the CamScanner app is to turn a smartphone into a portable scanner by allowing users to scan, save, sync and collaborate on content across smartphones, tablets, and computers. This time however Kaspersky researchers have identified the presence of a malware in the app available on Google Play Store – which is bad news for unsuspecting Android users.
Dubbed Trojan-Dropper.AndroidOS.Necro.n by researchers; the malware was previously found preinstalled in cheap Chinese smartphones. As the name indicates, the malware drops/downloads additional malware equipped with capabilities like downloading more pieces of malicious modules.
The main purpose of this malware, according to Kaspersky’s blog post, is to make a profit. To achieve their goal; the malware spams targeted devices with intrusive onscreen advertisements and forces victims to signup for paid subscriptions. This can also allow malware authors to snoop on victim’s activities and steal login credentials for social media and banking apps.
“As a result, the owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions, said Kesperskt in its technical analysis.
Here, it is worth mentioning that although CamScanner itself is a legitimate app, Kaspersky researchers believe that the snippet of malicious code in the app belonged to a third-party in its PDF creator.
Good news is that at the time of publishing this article; Google had removed the CamScanner app from Play Store. On the other hand, CamScanner’s developers have acknowledged the presence of malicious code in their app but maintained that its iOS version has not been impacted.
Another positive development is that developers have confirmed releasing a new version of the app which hopefully will hit Play Store without the snippet of malicious code.
If you have downloaded the app on your smartphone recently, it is advised to remove it asap. Furthermore, scan your device with a reliable anti-virus software regularly, keep automatic updates enabled and only install CamScanner app once the company confirms its official release.