CamScanner, one of the most popular mobile pdf creation apps with 100 million downloads, is reported to be hidden by hidden malware.
Cybersecurity company Kaspersky recently discovered malware in the latest version of CamScanner and now the app has been removed from Google Play. So if you have CanScanner installed, uninstall it now.
According to Kaspersky, “CamScanner is actually a legitimate application, without any malicious intensity, for some time. Use advertising for monetization and even allow in-app purchases. However, at some point, that changed, and the latest version of the app shipped with an ad library containing fake modules. "
The malicious module that was detected was Trojan-Dropper.AndroidOS.Necro.n, which is usually seen in several applications pre-installed in Mandarin. smartphones. This module extracts and executes other malicious modules from encrypted files that are included in the application resources. This “discarded” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what the creator is currently doing. As a result, applications with this malicious code can display annoying ads and register users for paid subscriptions.
Many users have reported some suspicious behavior they saw on CamScanner and left a review on the app's Google Play page with a warning to avoid the app.
According to the CamScanner statement, the ad SDK provided by a third party called AdHub has been reported to contain a malicious module that generates invalid ad clicks. For now, they are removing all SDK ads that are not Google Play certified and a new version will be released soon. The company has also taken direct legal action against Adhub.
Malware is only affected in the Android version and the iOS version is still available in the App Store, perhaps due to the strict application inspection policy of Apple.
Even the official app store is not 100% safe to download apps and Google Play moderators cannot check every app update due to frequent updates with millions of apps on Google Play.
This CamScanner event clearly gave us a message: Although this app is popular or has millions of downloads or good ratings and reviews, each app is only one update away from becoming malware.
We can't do anything, just install a good antivirus for Android and scan your smartphone from time to time.