Android Warning: Malware Found in google app with 100M Downloads

Published on September 5, 2019

A series of disclosures of malware-laced applications downloaded by millions of customers around the globe have arrived in Google’s Play Store. Therefore, Google has been under severe criticism since last week.

Android Warning: Malware Found in google app with 100M Downloads

Android Warning: Malware Found in google app with 100M Downloads: Image Source

Caution! If you are using a free version of CamScanner, a popular Phone PDF Creator for more than 100 million purchases from the Google Play Store, attackers can directly hijack your Android device and steal data. Uninstall CamScanner app as soon as possible to be secure since the app has already been removed from the official play store by Google.

CamScanner has been sadly inactive lately as scientists have discovered an unseen Trojan-Dropper module in the application. This could silently enable hidden attackers to access and deploy harmful malware without the knowledge of users on their Android phones.

The malicious module does not however effectively involve in the CamScanner Android app’s software. The malicious module is a component of a third party publicity library, launched lately in the PDF creator Android app. In the recent release, investigators from Kaspersky revealed that over a hundred million downloads by a phone-based PDF creator named CamScanner has carried malware with an advertisement library.

Over the past few months, Kaspersky safety professionals and several customers observed suspected behavior in a CamScanner and posted negatives in the Google Play Store that show that the app’s behavior was different than before.

“The reason the malware has been added may be assumed to be the partnership of the developers with an unprincipled ad company,” said the researchers. Analyzing Trojan-Dropper malicious module has disclosed that the same element has already been seen in some applications that were pre-installed on Chinese smartphones.

“Another malicious module is extracted and run by an encrypted file in the device,” the researchers said. The malicious module is a Trojan dropper, according to researchers, which means that the malware is meant to spread other malware with specific intent. So an installed malware like dropper can generate fake clicks on ads and can create fake subscribers. It can steal bank credentials too.


Kaspersky researchers said that Google quickly withdrew Android CAMScanner app, but they said, “It looks like software developers have been able to discard malicious Code in the latest CAMScanner release.” The latest version of CamScanner doesn’t include a third party advertising library and the malicious module as well. It is therefore not affected, nor is it still available on the Google Store.

Scientists, however, suggested to customers that bear in mind “mobile versions can vary for personal applications and some may still need malware.”

While in the latest years Google has attempted to remove harmful apps from the Play Store and implemented tougher malware controls for new apps, so legitimate apps can reach millions of clients immediately.

“We can understand from this story that any application – one from a licensed store with a powerful title, one with millions of great reviews and a big, loyal client base – can be malicious and malware founded,” the researchers said.

This specific malware has been seen in Chinese smartphones before by Kaspersky’s researchers. The said malicious malware is known as Trojan malware. Dropper. Dropper. AndroidOS.Necro.n.

Google is endlessly increasing its defense system against hackers and attackers, but malware developers are working just as hard to keep one step ahead from Google.

It is therefore highly proposed that your Android phone keeps the best antivirus application which can discover and prevent such harmful operations before you get your smartphone infected.

Take a look at the feedback of others who buy the product, inspect client permissions before installing the app and only offer permissions that are applicable to the app’s purpose.

Dozens of applications with hundreds of millions of downloads and installation with malware modules have been registered over the past month. In pre-installed applications, we have witnessed the reports of millions of malware applications on Google Play Store. And we saw Google Play expanding assessment time for new apps, as it feels like Google is battling the issue.

Google Play Protect aims to defend against computer vulnerabilities and Google has recognized and removed fake apps faster than ever in 2018, thereby preventing more unlawful apps from entering the Google Play Store. The quantity of apps rejected has grown by more than 55% and suspensions by over 66%.

About CamScanner

Since its first release in 2010, CamScanner published by CC Intelligence in Shanghai has been downloaded over 100 million times from the Google Play Store.

CamScanner focuses on optical character recognition (OCR). It provides apps for gathering business card data, including CamCard for Salesforce and simple CamCard and, regardless of its CamScanner OCR technology.

To earn CamScanner revenue, the company relies on in-app ads and purchases. However, in your phones recent edition, researchers from Kaspersky said there was a new ad store with a bug that brings malware to Android devices.

CC Intelligence argues that any advertising SDKs not authorized by Google Play have now been removed from its phone and CamScanner has launched a new version that is virus-free. SDK third-party advertising violates its own safety law, alleged CC Intelligence, which would bring instant legal involvement. Fortunately, we found no evidence that the module could end in any Paper Information Leakage after security checks, “said CC Intelligence.

The company encourages clients affected by issues to contact immediately to upgrade and provides a link to buy the new version in the post statement.

Next Read: Smart Cars proving to be dangerous for older drivers

Enjoyed this video?
Android Warning: Malware Found in google app with 100M Downloads
"No Thanks. Please Close This Box!"