Most people in the Android community can’t easily spot a malware but thank heavens for research firms that tell us what is out there. Kaspersky has recently published a report that informs the public about a new malware that appears as an ordinary app. The app in focus is CamScanner. It’s a device-based PDF maker that includes an optical character recognition. At the moment, it has reached over a hundred million downloads in the Google Play Store so many phones may have been affected.
Aside from CamScanner, it is also known as CamScanner-Scanner. The app has been sneaked into Google Play by appearing to be legit. Google wasn’t able to spot the malware right away since it is a legitimate app–or at least it was.
What happened was the app had no intentions to become a malware. It contained ads and in-app items. Unfortunately, recent versions came with an ad library that included a malicious module.
It may or may not be intentional but Trojan-Dropper.AndroidOS.Necro.n module was detected. The module was the same one detected pre-installed on some Chinese phones. The malicious module is discovered to be dropping malware. It’s more like a Trojan Downloader that gets more malicious modules.
The usual problems observed include intrusive ads, as well as, signing users for paid subscriptions. More suspicious behaviors have been spotted by users themselves. Kaspersky already submitted the report to Google and the latter removed the app for the Play Store.
It’s highly recommended mobile users use antivirus for Android apps. Google can’t always detect what’s wrong in the Play Store but we can all do our part. If you experience something suspicious, report to Google immediately. This way, the tech giant can check if there are anomalies or malware included. Remember, not because an app is already approved on the Play Store, it’s safe. It’s not always the case so be careful next time.