Google has several security checks for the apps that are available for download from the Google Play Store. But, the process is that as rigid as what Apple follows for the App Store. This is why we hear more cases of malware or harmful apps making their way to the Android smartphones than iPhones. The Google Play Store boots out these harmful apps from the platform from time to time and also warns its users about the same. In a latest attempt, it has warned the users about CamScanner which is found to have a malware that could seed ads and prompt users into signing up for paid services.
The app is used to converts photos of documents into PDF format and is fairly popular among users. In fact, it has over 100 million downloads on the platform. As per the findings of Kaspersky researchers, the recent versions of the app were shipped with an advertising library containing a malicious module.
It has been reported that the app contains malicious Trojan Dropper module, which has been identified as “Trojan-Dropper.AndroidOS.Necro.n”. This not the first time this malware has found its way to smartphones. Earlier, it was observed in some Chinese apps as well. The module reportedly extracted and ran another malicious module from an encrypted file that is found in the app’s resources.
The resource-linked module, is called a “dropped” module and is basically a Trojan downloader that downloaded even more harmful modules. This makes your phone vulnerable as malicious party can exploit these modules as it wants.
This could be done by showing intrusive ads and making users sign up for paid services. Some users of CamScanner had reported that the issues they were facing with the app and posted reviews on the Play Store with the intention of preventing other users from downloading CamScanner.
After Kaspersky researchers flagged the problem, the app was removed from Google Play Store. However, if you still have it on your phone, you need to uninstall it as early as possible.