A Very popular Android app CAMSCANNER used for scanning documents used worldwide as it is the no. 1 app in Play store if you want to scan any document from your mobile but recently there is news flashed that it contains malware and must be immediately deleted from your mobile device if you have it. The malware has been detected by Kaspersky Labs, a cybersecurity firm.
The app is used to create PDF and it is said that the earlier versions of the app did not have any issues. Even now, the app itself may be clean but is carrying some ads, one of which is a malware that can download a trojan, which can get into your device and play havoc. CamScanner has been downloaded on some 100 million Android devices, it is learnt.
Kaspersky Labs has posted a blog on this describing how the app was a harmless one till recently. Most free apps in the Play Store come with ads and ask you to make in-app purchases. These by itself need not cause you any concern. It is only when these ads carry malicious content that the problem starts. Some of these malicious files are so dangerous that they can act on their own and download programmes from external sources and plant them in your device without your knowing what is happening.
In the case of CamScanner, the malicious file has been identified as “Trojan-Dropper.AndroidOS.Necro.n” This is the module that does the dirty tricks and one of the most dangerous actions it does is to sign up for paid subscriptions automatically. You will keep getting intrusive ads causing unwanted disruption while using your device.
Following Kaspersky’s detection and report, Google has arranged to remove the app from Play Store. If you had downloaded the CamScanner app, have it uninstalled as soon as you read this.
Google has taken action on CAMSCANNER company and app now they have removed the app from play store but still you will find CAMSCANNER for 130 INR version 1.7 last updated on 17-January-2014 as per its description, before it was free now one has to pay before only in order use application.
— CamScanner (@CamScanner) August 28, 2019
There’s a good chance that you know about the CamScanner app, which is available on both Android and iOS. The ‘Phone PDF Creator’ or ‘Scanner to Scan PDFs’ app had over 100 million downloads, before being booted from the Google Play Store. Researchers at Kaspersky Labs found a malware in the recent versions of the popular OCR (optical character recognition) app. It was apparently harbouring an advertising library containing a malicious module that the Kaspersky researchers identified as ‘Trojan-Dropper.AndroidOS.Necro.n.’ As per the report, this particular malware module was previously spotted in a few apps that came preinstalled on some Chinese smartphones.
The malware module was spotted only on the Android version of the app and it seems like its iOS version is still available on the App Store, probably because of Apple’s strict app vetting policies. As the Kaspersky blog notes, CamScanner was a pretty good app that offered notable functionality. While it displayed ads for generating revenue, there were options for in-app purchases and buying a License separately for eliminating ads. However, the Trojan Dropper module found within the app is said to extract and run another malicious module from an encrypted file included in the app’s resources.
“This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment. For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions,” the Kaspersky blog states. We checked to find that the CamScanner app has been removed from the Google Play Store. However, Kaspersky reports that the app’s developers removed the malicious code with the latest update. However, since the apps’ version varies for different devices, it is recommended that one uninstalls it as their device might have an older version of that app that contains the Trojan Dropper malware module.