CamScanner App Malware – Are the Millions of Users at Risk?

camscanner malware 2019

Used by millions of users to scan documents on mobile, the Camscanner App is the latest information under Malware alert found by Kaspersky Lab. Currently CamScanner has downloaded more than 100 million downloads from the Google Play Store, and found that the latest update has a malicious module that immediately pushes ads or downloaded apps to Android devices with corrupted modules.

Kaspersky's research found suspicious malicious programs warned by one of the scanners in the free version of the popular scanning app, where people began to leave negative reviews on the playStore page. "CamScanner is actually a legitimate app," Kaspersky said. “We used ads for monetization and even allowed in-app purchases. However, at some point, the latest version of the app came with an ad library that contained malicious modules. ”

This module (identified as Trojan-Dropper.AndroidOS.Necro.n) is a Trojan dropper that can extract and run encrypted second malicious components within your app. This Trojan downloader can be utilized to infect devices with other kinds of malware.

Kaspersky researchers found that when CamScanner ran, the eyedropper decrypted and executed the malware contained in the app's "mutter.zip" file before downloading the encrypted code from the command and control server "https: //abc.abcdserver" I did.[.]com. ”

The researchers said, “The Trojan-Dropper.AndroidOS.Necro.n feature described above performs the main task of malware. "As a result, module owners can use infected devices the way they want, from charging victims to showing disrupted ads to stealing money from their mobile accounts."

After reporting the findings from Kaspersky, I removed the list of apps (CamScanner – Phone PDF Creator) from the Play Store, but Kaspersky mentioned that the app developer removed the malware from the latest update.

LEAVE A REPLY

Please enter your comment!
Please enter your name here