The Malware was Found in CamScanner PDF App
- 2019-08-28 14:50
CamScanner is one of the most popular apps for Android that converts images to PDF files. Not so long ago, Kaspersky Lab, Russian cybersecurity and anti-virus provider, reported about founding the malicious code inside the app. How it impacts users?
Advertising dropper in CamScanner
CamScanner is a PDF creator app. It was installed by more than 100 million users only on the Google Play market. On August 27, Kaspersky Lab published a new article, where they proved the app had malicious code. The reason to check CamScanner for the virus was, as Kaspersky representative said, a large number of negative reviews by users that were ignored by the title’s developers.
After long analysis, the specialists found a malicious dropper element in the library that was used for advertising. Previously, this virus was noticed on the smartphones made in China. The malicious code is activated only when users launch the app. The library decrypts a .zip file — mutter.zip and then downloads certain files on the victim device. Once all coding is completed, the scammers can use the user’s device as they wish: from stealing money to showing the annoying ads.
After a few days, CamScanner approved that they were attacked by unknown people. The developers quickly removed this piece of code and returned it back to AdHub, a third-party provider. The good news is that CamScanner’s developers did not found the leak of users' information. “We will take immediate legal actions against Adhub! Fortunately, after rounds of security check, we have not found any evidence showing the module could cause any leak of document data," - CamScanner said in their statement.
Google’s reaction — CamScanner deleting
How did this malware get into the application? Kaspersky said that the reason was in the partnerships of CamScanner with a non-reliable advertiser. But this does not deny the fact that the application is potentially dangerous to users. Therefore, the company immediately notified Google of its find, and the CamScanner was removed from Google Play immediately. And what do you think about this situation? Have you managed to install the application on your smartphone? Share with us in the comments below.