WARNING — Malware Found in CamScanner Android App With 100+ Million Users

WARNING — Malware Found in CamScanner Android App With 100+ Million Users

Beware! Hackers can remotely hack your Android phone and steal data stored on it if you are using the free version of CamScanner, a highly-popular Phone PDF creator app that has more than 100 million downloads on Google Play Store.

However, CamScanner was actually a legitimate app, with no malicious intentions whatever, for quite some time. CamScanner used ads for monetization and even allowed in-app purchases. But, at some point, that changed, and recent versions of the CamScanner app shipped with an advertising library containing a malicious module.

So, to be safe, just uninstall the CamScanner app from your Android device right now, as Google has already removed the app from its official Play Store.

Unfortunately, Kaspersky researchers found a hidden Trojan-Dropper.AndroidOS.Necro.n module within the CamScanner app that could allow remote attackers to secretly download and install malicious programs on the user's Android device without their knowledge. This module was also found in some of the apps that came pre-installed on some phones sold in China.

However, the malicious module doesn't actually in the code of the CamScanner Android app and they didn't have the intention to harm users. The company recently added a third-party advertising library that has a malicious module.

The issue came to shine after many CamScanner users reported suspicious behavior of the app and many of those also posted negative reviews on Google Play Store in recent months, indicating the presence of an unwanted feature.

Researchers of Kaspersky reported its findings to Google, who promptly removed the CamScanner app from its Play Store, but they say that it looks like app developers got rid of the malicious code with the latest update of CamScanner app.

Despite this, the Kaspersky researchers advised users to just keep in mind that versions of the CamScanner app vary for different devices, and some of them may still contain malicious code.

It should be noted that the paid version of the CamScanner app doesn't include the third-party advertising library and thus the malicious module. So, it is not affected to the paid version of the CamScanner app and the paid version of the app is still available on the Google Play Store.

What we can learn from this story is that any app even one from an official store, even one with a good reputation, and even one with millions of positive reviews and a big, loyal user base also can turn into malware overnight. Every application is just one update away from a major change.

Official app store such as Google Play Store is usually considered a safe haven for downloading software. Unfortunately, nothing is 100% safe and secure, and from time to time malware distributors manage to sneak their apps into Google Play Store.

Therefore, you are advised to keep a good antivirus software on your Android device that can detect and block such malicious activities before they can infect your device.

In addition, always read app reviews posted by other users who have downloaded the app, and also verify app permissions before installing any app and grant only those permissions that are relevant for the app's purpose.

If you want to know more about the Trojan Dropper malware found in the CamScanner app and a full list of its indicators of compromise (IOCs) including MD5 hashes and its command and control server domains, you can move on to Kaspersky's report.

I hope you find useful information in this article. If you have any questions then please mention in the comments section and I will get back to you and stay tuned with my blog to learn interesting things related to cybersecurity and hacking.

9 comments:

  1. I was more than happy to uncover this great site. I need to to thank you for your time due to this fantastic read!! I definitely enjoyed every bit of it and I have you bookmarked to see new information on your blog.

    ReplyDelete
  2. Be that as it may, the nature of outsider APIs accessible for Android application engineers varies Bulk SMS Service Provider in Sharjah UAE

    ReplyDelete
  3. I was surfing net and fortunately came across this site and found very interesting stuff here. Its really fun to read. I enjoyed a lot. Thanks for sharing this wonderful information. tic tac toe

    ReplyDelete
  4. A very awesome blog post. We are really grateful for your blog post. You will find a lot of approaches after visiting your post. Camscanner

    ReplyDelete
  5. All things considered, the appropriate response is simpler than you may might suspect, and in all honesty the arrangement is most likely as of now in your kitchen. Iphone reparatur

    ReplyDelete
  6. You do not need to learn all the rules in the beginning. If some of your articles get rejected that is okay. Generally, editors will let you know the reason that why your articles are rejected. 현금바둑이

    ReplyDelete
  7. This is my first time i visit here and I found so many interesting stuff in your blog especially it's discussion, thank you. scootersleuth.com/reviews/taotao-scooter-review/

    ReplyDelete
  8. I can set up my new idea from this post. It gives in depth information. Thanks for this valuable information for all,.. scootersleuth.com/reviews/swagtron-swagger-5-electric-scooter-review/

    ReplyDelete

Powered by Blogger.