Google removes CamScanner from Play Store after Trojan Dropper malware scare

There’s a good chance that you know about the CamScanner app, which is available on both Android and iOS. The ‘Phone PDF Creator’ or ‘Scanner to Scan PDFs’ app had over 100 million downloads, before being booted from the Google Play Store. Researchers at Kaspersky Labs found a malware in the recent versions of the popular OCR (optical character recognition) app. It was apparently harbouring an advertising library containing a malicious module that the Kaspersky researchers identified as ‘Trojan-Dropper.AndroidOS.Necro.n.’  As per the report, this particular malware module was previously spotted in a few apps that came preinstalled on some Chinese smartphones. 

The malware module was spotted only on the Android version of the app and it seems like its iOS version is still available on the App Store, probably because of Apple’s strict app vetting policies. As the Kaspersky blog notes, CamScanner was a pretty good app that offered notable functionality. While it displayed ads for generating revenue, there were options for in-app purchases and buying a License separately for eliminating ads. However, the Trojan Dropper module found within the app is said to extract and run another malicious module from an encrypted file included in the app’s resources. 

“This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment. For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions,” the Kaspersky blog states. We checked to find that the CamScanner app has been removed from the Google Play Store. However, Kaspersky reports that the app’s developers removed the malicious code with the latest update. However, since the apps’ version varies for different devices, it is recommended that one uninstalls it as their device might have an older version of that app that contains the Trojan Dropper malware module. 

This is not the first time an app has slipped past through the Google Play Store’s app vetting process. While it can also be difficult to keep up with thousands of apps and their updates that are being released on the platform, Google needs to step up its game if it wants to assure users that the Play Store is the safest place to download Android apps from. 

from Latest Technology News https://ift.tt/2PeLbfV