Malware Found in CamScanner Android App
Malware was found in a free Android app found on the Google Play Store. Hackers can remotely steal data or from banking apps after a device is infected with malware. CamScanner is a productivity app with over 100 million downloads. The app which lets users copy notes and paper documents was found to contain malware that compromises the device it is installed on. The malware may even be used to steal from banking apps installed on the same device. CamScanner is sometimes called CamScanner — Phone PDF Creator and CamScanner-Scanner to scan PDFs.
Cyber security researchers at Kaspersky found malicious code in the app’s module that serves advertisements. The malware was discovered after users left negative reviews on Google Play after their devices began to exhibit strange behavior.
CamScanner is available for Android devices as well as iPhones and iPad. The malware was found only on the Android version. There is no information about the iPhone and iPad apps. CamScanner is a legitimate Android app with over 100 million downloads from the Google Play app Store. It is also available from websites.
CamScanner Trojan Malware
Like many other apps, CamScanner contains advertisements to earn money for its developers. It also offers in-app purchases. However, the advertising code library bundled with the free version of CamScanner contained malicious module that compromised devices.
Kaspersky researchers found malware known as Trojan-Dropper.AndroidOS.Necro.n, in CamScanner ad library which is a Trojan Dropper. This type of malware extracts and runs another malicious module from an encrypted file downloaded with the app or an update. The newly dropped malware, in turn, is a Trojan Downloader that downloads and launches a payload from malicious servers.
These downloaded processes run in the background on the infected phone and work at the behest of the hackers. They can be used to do anything from popping up more advertisements, steal money from mobile banking or payment apps, open multiple web browser tabs, or charge for bogus subscriptions.
If you also have mobile banking apps installed on an infected device, hackers can compromise them with a Trojan malware.
Protect your device from malware, spyware, adware, and other cyberattacks with a quality antivirus app. Periodically scan your smartphone, tablet, or laptop for malware or newly installed apps. Many paid versions of Android antivirus apps scan devices automatically on a regular schedule.
What is CamScanner?
CamScanner lets you use your smartphone or tablet camera as a scanner. CamScanner takes a photo of any document like receipts, notes, presentation handouts, and business cards and saves it in Adobe pdf format Docs can be Sync docs across smartphones, tablets and computers. Optical character recognition (OCR) is used to search scanned documents. CamScanner can also export documents to an Evernote, Google Drive, Box, Dropbox, OneDrive.
I have CamScanner installed, what should I do?
A good antivirus app can help protect your phone by regularly checking for malicious code. Only the free version of CamScanner is infected with malware. The paid version does not show advertisements and therefore does not have the malicious malware bundled with it. Google already removed the free version of the app from Google Play but the paid version is still for sale and is safe to use.
If you have or ever had the free version of CamScanner on your phone, it may be infected with malware.
- On an Android device, go to settings then go to apps to see if you have CamScanner installed
- If you do, then uninstall it
- When a new version is released on the Play Store, reinstall a fresh copy
CamScanner App – How to Protect Your Phone
If you have automatic updates enabled for your device and apps, then you may have accepted an update of CamScanner that has the malware.
- If you already have CamScanner on your device you want to use an antivirus app to check for any malicious software, suspicious apps, spyware, or adware. If you have antivirus software, run it to manually check your phone, laptop, or tablet for malware regularly
- Remove any unused apps from your phone
- Always download apps from official app stores like iTunes or the Google Play Store. Although it is not foolproof, the odds of a safe download are much better on an official app site than they are when downloading from in-game advertisements or review websites
- When installing any new app, pay attention to the permissions requested by the app. If it seems strange that an app needs access to certain data on your phone, for example when a game prompts for access to photos or call history, then deny permission or uninstall the app
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers