Researchers from Kaspersky Lab said that they found a Trojan Dropper malicious module hidden within the popular Android app CamScanner that’s been downloaded over 100 million times on the Google Play Store. And they also said that could be used by attackers to remotely hack Android devices and steal targets data.
It claimed that the app was removed from the Play Store after the researchers from Kaspersky was reported to Google. Google Play store are usually considered a safe haven for downloading software. Unfortunately, nothing is 100% safe, and from time to time malware distributors manage to sneak their apps into Google Play. So, to be safe, just uninstall the CamScanner app from your Android device now.
CamScanner app is a phone-based PDF creator that includes OCR (optical character recognition). You can create a PDF file from an image which capture by phone camera or upload from Phone Gallery. Also you can create an account and save PDF in cloud.
This module identified as Trojan-Dropper.AndroidOS.Necro.n is a Trojan dropper, meaning it can extracts and runs another malicious module from an encrypted file included in the app’s resources, reads the analysis published by Kaspersky. This “dropped” malware, in turn is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment. For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions. Some users of the CamScanner app have already spotted suspicious behavior and left reviews on the app’s Google Play page with warnings to avoid the app.
After Google removed the CamScanner app from the Play Store, the developers of the app eliminated the malicious code from the application with the latest update. Researchers warn that versions of the app vary for different devices, and some of them may still contain the malware. The paid version if the app doesn’t include the 3rd-party advertising library, this means that it doesn’t contain the malware and for this reason, Google hasn’t removed it from the Play Store, said by Kaspersky.
You can get more information about tech from here.