Beware! A scanning app has been deleted from the Google Play Store because of malware - the free version of CamScanner. If you’ve downloaded it, delete the app, as it was available to UAE users.
Scanning a paper document has become as easy as clicking a picture. Bulky scanners have become practically useless to the average person because of the availability of mobile phone applications that allow people to convert pictures into soft copies.
One such app is the CamScanner. However, now the free version of the popular app that has been downloaded over 100 million times worldwide has been removed from the Google Play Store.
Recently it was found by Russian antivirus firm called Kaspersky that the app began spreading malware on Android devices through its latest versions that have in-app purchases and ads.
The app belongs to Shanghai-based technology firm, CC Intelligence. The company has relied on ads and in-app purchases to earn revenue from CamScanner so far.
According to ZDNet, a business technology news website, Kaspersky noted that the “malicious code may show intrusive ads and sign users up for paid subscriptions”.
Intrusive ads are a hassle for users but paying for subscriptions one did not sign up for is the real threat for users.
The ads in the app employ a Trojan dropper that is configured to connect to the attackers’ servers, download additional code, and then execute that code on Android devices with the app installed.
Trojan is a type of malware that is often able to pass as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems.
While unavailable on the Google Play Store, the app’s iOS version can still be seen on Apple’s App Store.
ZDNet noted that the incident seems to be a case of developers accidentally using a malicious ad library. These are frequently found to be embedded in otherwise legitimate apps.