Google Play Store app with over 100 million downloads contained malware

Posted on Thursday, Aug 29 2019 @ 12:54 CEST by Thomas De Maesschalck
GOOG logo
It's quite a shocker but the presence of quite significant malware on a very popular Android app can remain undetected for quite some time. Russian security firm Kaspersky discovered that CamScanner, an app used to turn photos of documents into PDF files, contains a module that can be used to install spyware or adware on your phone.

CamScanner has been downloaded over 100 million times and has 1.8 million, largely positive, reviews. Kaspersky says it investigated the app after a recent batch of negative reviews. They discovered the app contained a module known as Trojan-Dropper.AndroidOS.Necro.n:
The above-described Trojan-Dropper.AndroidOS.Necro.n functions carry out the main task of the malware: to download and launch a payload from malicious servers. As a result, the owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions.
Google pulled CamScanner from the Google Play Store and recent updates to CamScanner have removed the malicious module.

ZD Net reports the module may have been added accidentally, perhaps after a deal with an unscrupulous advertiser. The big lesson here is that even popular Google Play Store apps can't be 100% trusted:
"What we can learn from this story is that any app — even one from an official store, even one with a good reputation, and even one with millions of positive reviews and a big, loyal user base —can turn into malware overnight. Every app is just one update away from a major change," Kaspersky researchers said.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments