CamScanner, the PDF creation app is dangerous. Found a malware downloaded 100 million times
The news will certainly not please users who usually use it. The Camscanner app, downloaded over 100 million times on the Play Store, is harmful and contains dangerous malware.
Kaspersky researchers have recently detected malware in the famous application called CamScanner, a PDF maker for smartphones that includes OCR (ie optical character recognition) and has been downloaded over 100 million times on Google Play. An application that is not really harmless, and that could create some headaches for those who have downloaded it.
We know how Google Play turns out to be Google’s official store and a virtual market where users should be 100% sure of finding applications without any malware or hidden viruses. Yet we have seen many times how many ” bogus ” applications are present on the official store and become malware distributors often sneaking into the smartphones of users who download them.
CamScanner: the secure app with malware
CamScanner was actually a legitimate app, with no ” malicious ” presence until it decided to use advertisements in it to try to monetize with ads and even allow in-app purchases. This seems to have allowed third parties to easily sneak into the application by changing the cards on the table and positioning viruses and malware capable of infecting the unsuspecting user smartphone.
Kaspersky has detected the library module in the Camscanner app as Trojan-Dropper.AndroidOS.Necro.n, which has been observed for some time in some apps pre-installed on Chinese smartphones. As the name suggests, the module is a Trojan dropper.
This means that the module extracts and executes another malicious module from an encrypted file included in the app’s resources. This ” released ” malware, in turn, is a Trojan downloader that downloads more malicious modules depending on what its creators want them to do.
For example, an app with this malicious code can show intrusive ads and subscribe for users to paid subscriptions. Specifically, some users after installing the CamScanner app have detected suspicious behavior on their smartphone and left reviews on the app page on Google Play with warnings to avoid downloading Camscanner.
The Kaspersky researchers examined a recent version of the app and found the module to be malicious. Reported, the application was quickly removed from Google. In this case, it seems that the developers have already eliminated the malicious code with the last update even if the app versions vary depending on the device, and it is possible that some may still contain the malicious code.
What we can learn from this story is that any app, even a downloadable one from the official store and with a good reputation and millions of positive reviews, can turn into malware without the developers noticing.
The advice is to always observe the behavior of your smartphone and in case of anomalies try to understand the cause and in case bring it to an expert in assistance. You can also use an antivirus that tries to fathom the applications on your smartphone indicating those that have possible problems.
