CamScanner responds after Google removes app from Play Store due to Trojan Dropper malware scare

By Digit NewsDesk | Updated Sep 03 2019
CamScanner responds after Google removes app from Play Store due to Trojan Dropper malware scare

Go from OpenAPI-to-GraphQL in 2 minutes

Create GraphQL interfaces in minutes and build mobile or client apps quicker. Leverage free, open source IBM Code Patterns.

Click here to know more

HIGHLIGHTS

CamScanner, a document scanning app, reportedly contained malware and was removed by Google from the Play Store.

CamScanner has now issued a statement explaining what happened and why the app is no longer available on the Google Play Store.

The CamScanner app was reportedly harbouring a Trojan malware, which the app developers say was apparently provided by a third-party called AdHub and

Update: CamScanner has acknowledged that a malicious module was present in the advertisement SDK of CamScanner Version 5.11.7. The SDK was apparently provided by a third-party called AdHub and was producing unauthorised ad clicks. The company claims that it will take immediate legal action against Adhub since injection of any suspicious code violates the company's security policy. Additionally, no evidence of any document leaks has been found after 'rounds of security checks.' CamScanner has apparently removed all the ad SDKs that are not certified by Google Play and is releasing a new version that can be currently downloaded from the company's website.

There’s a good chance that you know about the CamScanner app, which is available on both Android and iOS. The ‘Phone PDF Creator’ or ‘Scanner to Scan PDFs’ app had over 100 million downloads, before being booted from the Google Play Store. Researchers at Kaspersky Labs found a malware in the recent versions of the popular OCR (optical character recognition) app. It was apparently harbouring an advertising library containing a malicious module that the Kaspersky researchers identified as ‘Trojan-Dropper.AndroidOS.Necro.n.’  As per the report, this particular malware module was previously spotted in a few apps that came preinstalled on some Chinese smartphones. 

The malware module was spotted only on the Android version of the app and it seems like its iOS version is still available on the App Store, probably because of Apple’s strict app vetting policies. As the Kaspersky blog notes, CamScanner was a pretty good app that offered notable functionality. While it displayed ads for generating revenue, there were options for in-app purchases and buying a License separately for eliminating ads. However, the Trojan Dropper module found within the app is said to extract and run another malicious module from an encrypted file included in the app’s resources. 

An overview of how the CamScanner app works

“This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment. For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions,” the Kaspersky blog states. We checked to find that the CamScanner app has been removed from the Google Play Store. However, Kaspersky reports that the app’s developers removed the malicious code with the latest update. However, since the apps’ version varies for different devices, it is recommended that one uninstalls it as their device might have an older version of that app that contains the Trojan Dropper malware module. 

This is not the first time an app has slipped past through the Google Play Store’s app vetting process. While it can also be difficult to keep up with thousands of apps and their updates that are being released on the platform, Google needs to step up its game if it wants to assure users that the Play Store is the safest place to download Android apps from. 

logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.