CamScanner, a popular Android app that has been available on the Google Play Store since 2010, has been discovered to have been installing malware on smartphones. The app has more than 100 million downloads. That could be the number of Android smartphones that have had malware installed or are vulnerable to it.

Since the report broke, the search engine giant has removed the popular CamScanner PDF creator Android app from the Google Play Store. The report claims that the app has recently begun sending malware. The app was published by CC Intelligence, a Shanghai-based tech business, and has been downloaded more than 100 million times from Google's store.

CC Intelligence specializes in OCR, or optical character recognition. Aside from the OCR text-reading capability of CamScanner, the company sells apps that capture text from business cards, such as CamCard for Salesforce and CamCard. To earn revenue from CamScanner, the company depends on in-app purchases and ads.

However, Kaspersky, a Russian anti-virus firm, recently revealed that the latest versions of the app introduced a new advertising library that comes with a Trojan intended to deploy malware to Android smartphones and other Android devices. According to Kaspersky, the malicious code may show intrusive ads and even sign users up for paid subscriptions. Intrusive ads are annoying, but no one wants to be enrolled in a subscription they never signed up for in the first place.

The Trojan dropper delivered through the ad library in CamScanner is designed to connect to the attackers' servers, download extra code, and execute that code on Android devices where CamScanner is installed. While Google has already removed the app from its Google Play Store, the app is still available on the Apple App Store. The incident appears to be a case where developers accidentally used a malicious ad library, of the kind often found embedded in legitimate apps.

Kaspersky researchers Igor Golovin and Anton Kivva noted that it is safe to assume the malware was added because of the app developer's partnership with a devious advertiser. The researchers add that the app developers seem to have removed the malicious code in the latest update rolled out to CamScanner. Users usually rely on user reviews when deciding whether to download an app.

CamScanner has around 1.8 million reviews on the Google Play Store, averaging between 4 and 5 stars. On the Apple App Store, the app also has glowing reviews. Kaspersky, however, began investigating the app after noticing a series of recent negative reviews on the Google Play Store. According to Kaspersky, any app, regardless of the number of positive reviews and downloads, can still turn into malware overnight.