ALERT: Delete This Malware-Filled Android App ASAP

Illustration: CamScanner

A popular Android app boasting 100 million downloads on the Google Play Store has been flagged by security firm Kaspersky for containing a backdoor vulnerability that could make it a hotbed for highly dangerous malware. You need to uninstall it, and you need to do it now. Here are the details.

Security researchers at Kaspersky discovered malware in various versions of the Android app “CamScanner” that were published to the Google Play store in June and July. You should remove it from your Android phone right now if you haven’t updated the app to any versions released since June 30, and even then, we recommend deleting it regardless.

Why the caveat? According to the researchers, recent versions of the CamScanner app appear to be free from the troublesome “Trojan Dropper” malware that got packed into previous iterations of the app. As they describe in a blog post:

“Kaspersky products detect this module as Trojan-Dropper.AndroidOS.Necro.n, which we have observed in some apps preinstalled on Chinese smartphones. As the name suggests, the module is a Trojan Dropper. That means the module extracts and runs another malicious module from an encrypted file included in the app’s resources. This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment.

For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions.”

According to Android Police, CamScanner’s malware first appeared in the June 16 update of the app (version 5.11.3.20190616), and persisted through the app’s June 25 update (version 5.12.0.20190725). It was removed starting with the June 30 app update (5.12.0.20190730).

However this malware got into the app, and regardless of whether its latest version is clean or not, the incident was severe enough to earn CamScanner a temporary ban from the Google Play store. Curiously, Google has since restored the app completely, which is a strange pardon for an app that infected users for nearly half a month.

Our advice? CamScanner betrayed your trust, and it’s time to switch to an app you won’t have to worry about. Remove it and install a better document-scanning app, such as Adobe Scan or Microsoft Office Lens. You can even use the built-in scanner found in the Google Drive app, if you prefer. All are solid options, especially since they have never attempted to infect your device with crap you don’t want.


Comments

    1. does uninstalling the app remove the malware / trojan?
    2. any news if this is a supply chain attack or by the app owners?

Join the discussion!

Trending Stories Right Now