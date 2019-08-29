tech

Updated: Aug 29, 2019 18:20 IST

Google Play Store is often reported to harbour malicious Android apps which users often fall prey to. Google also regularly purges the Play Store of such apps which can potentially harm one’s smartphone. The latest victim here is the popular smartphone scanning app, CamScanner.

CamScanner is one of the most popular scanning apps and has been downloaded over 100 million times on Play Store. As discovered by Kaspersky Lab, recent versions of CamScanner featured an advertising library with a malicious module identified as “Trojan-Dropper.AndroidOS.Necro.n”. What this ‘Trojan Dropper’ does is that it “extracts and runs another malicious module from an encrypted file included in the app’s resources.”

The security researcher firm further explains that “this “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment.”

On CamScanner, this malicious code works by showing intrusive ads targeting users to sign up for paid subscriptions. Kaspersky Lab informed Google of this vulnerability in CamScanner and the app has now been removed from Play Store. The report further says that CamScanner app has been updated and developers have removed the malicious module.

However, some versions of CamScanner may still contain this malware. The app is still not available on Play Store. Google conducts regular scan of apps on Play Store through Play Protect but this malware on CamScanner went undetected.

For those who have CamScanner downloaded on their devices, it is advised that they delete it immediately. Users can also do a thorough scan of their phones with anti-virus apps from Avast, Norton and Kaspersky.

First Published: Aug 29, 2019 18:05 IST