Google has removed the popular PDF creator Android app CamScanner from the Play Store after malicious code was reportedly found inside it.
People generally use CamScanner to scan documents and create digital PDF versions of them. CamScanner uses Optical Character Recognition technology to scan text in the document via the user’s smartphone camera.
Kaspersky first reported on the malware module its researchers found in the CamScanner app. They call it Trojan-Dropper.AndroidOS.Necro.n.
This malware module is very critical, as the Trojan-Dropper label in its name indicates. The Kaspersky team describes it as a Trojan-Downloader. Analyzing the app code in detail, Kaspersky researchers found the CamScanner app code itself to be legitimate. However, they found the malware module in a separate encrypted file that is present in the app resources. This file was in turn injected via the third-party advertising script the company is using.
When did the Kaspersky team find the app suspicious?
Kaspersky found the app suspicious when several users reported that the app automatically left reviews on the app page showing a warning not to use the app.
After getting the report from the Kaspersky team, the CamScanner app developers removed the malicious code and released a new update for the app. Google has also removed the app from the Play Store. However, in spite of all of this, the Kaspersky team recommends that users uninstall the app from their devices. Also, I suggest you stop using the app until it appears again on Google Play Store.
What you have learnt from this article is that nothing is safe in the digital world. You can see that even a company like Google was not able to identify malware inside an app that it was promoting via its app marketplace.
Neither CamScanner, Google, nor Kaspersky has reported how many users were infected with this malicious code. However, you can assume a significant number, as there are more than 100 million downloads of this app in Google Play Store.