
WARNING — Malware Found in CamScanner Android App With 100+ Million Users

Beware! Hackers can remotely hack your Android phone and steal data stored on it if you are using the free version of CamScanner, a highly-popular Phone PDF creator app that has more than 100 million downloads on Google Play Store.

However, CamScanner was actually a legitimate app, with no malicious intentions whatever, for quite some time. CamScanner used ads for monetization and even allowed in-app purchases. But, at some point, that changed, and recent versions of the CamScanner app shipped with an advertising library containing a malicious module.

So, to be safe, just uninstall the CamScanner app from your Android device right now, as Google has already removed the app from its official Play Store.

Unfortunately, Kaspersky researchers found a hidden Trojan-Dropper.AndroidOS.Necro.n module within the CamScanner app that could allow remote attackers to secretly download and install malicious programs on the user's Android device without their knowledge. This module was also found in some of the apps that came pre-installed on some phones sold in China.

However, the malicious module doesn't actually reside in the CamScanner Android app's own code, and its developers didn't intend to harm users. The company recently added a third-party advertising library that contains a malicious module.

The issue came to light after many CamScanner users reported suspicious behavior by the app, and many of them also posted negative reviews on the Google Play Store in recent months, indicating the presence of an unwanted feature.

Kaspersky researchers reported their findings to Google, which promptly removed the CamScanner app from its Play Store, but they say it looks like the app developers got rid of the malicious code with the latest update of the CamScanner app.

Despite this, the Kaspersky researchers advised users to just keep in mind that versions of the CamScanner app vary for different devices, and some of them may still contain malicious code.

It should be noted that the paid version of the CamScanner app doesn't include the third-party advertising library and thus doesn't include the malicious module. So the paid version is not affected, and it is still available on the Google Play Store.

What we can learn from this story is that any app, even one from an official store, even one with a good reputation, and even one with millions of positive reviews and a big, loyal user base, can turn into malware overnight. Every application is just one update away from a major change.

Official app stores such as the Google Play Store are usually considered a safe haven for downloading software. Unfortunately, nothing is 100% safe and secure, and from time to time malware distributors manage to sneak their apps into the Google Play Store.

Therefore, you are advised to keep good antivirus software on your Android device that can detect and block such malicious activities before they can infect your device.

In addition, always read app reviews posted by other users who have downloaded the app, and also verify app permissions before installing any app and grant only those permissions that are relevant for the app's purpose.

If you want to know more about the Trojan Dropper malware found in the CamScanner app and a full list of its indicators of compromise (IOCs) including MD5 hashes and its command and control server domains, you can move on to Kaspersky's report.

I hope you find useful information in this article. If you have any questions, please mention them in the comments section and I will get back to you. Stay tuned to my blog to learn interesting things related to cybersecurity and hacking.

