Researchers at Kaspersky discovered a malicious Trojan Dropper module in CamScanner that could show intrusive ads and sign you up for paid subscriptions.
- CamScanner has been removed from the Play Store after malware was detected in it.
- A malicious Trojan Dropper module was found that could show intrusive ads.
- CamScanner had more than 100 million downloads in the Play Store.
CamScanner, a PDF converter app, has been removed from the Google Play Store after it was found to come with advertising malware. Kaspersky researchers discovered that recent versions of the CamScanner app for Android shipped with a malicious Trojan Dropper module that had the potential to show intrusive ads and sign users up for paid subscriptions. Before being removed, CamScanner had more than 100 million downloads.
Researchers at Kaspersky said that the CamScanner app was a clean, legitimate app for quite some time. The app showed ads for monetisation and also allowed in-app purchases. However, with recent versions of CamScanner, the app was found to come with an advertising library that contained a malicious module.
This module, known as Trojan-Dropper.AndroidOS.Necro.n, has been previously discovered in some preinstalled apps on Chinese smartphones. Kaspersky says that the module can extract and run another malicious module from an encrypted file that’s included in the app’s resources. As the name suggests, the dropped malware is a Trojan Downloader that downloads more malicious modules.
For example, an app with the Trojan Dropper module can show intrusive ads and can also sign you up for paid subscriptions. After Kaspersky reported the malware to Google, the CamScanner app was removed from the Google Play Store. The report adds that the app developers have now removed the malicious code with the latest update, but the versions may vary for different devices and some may still contain the malware.
At the time of writing this story, the CamScanner app could not be found on the Play Store, but some older and stale versions of the app, such as CamScanner HD and CamScanner (License), can still be found, and we recommend not downloading them. If you have CamScanner downloaded on your Android device already, you should delete it until a fixed version gets listed on the Play Store. Meanwhile, it looks like the CamScanner app for iOS is just fine and malware-free and is available for download in the App Store.