Android PDF-Creator ‘Cam Scanner’ shipped with malware

[German]Nasty surprise for users of the Android app ‘Cam Scanner’, which is used to create PDF files from scans recorded by camera. The app is infected with malware.


Advertising

The Android app ‘Cam Scanner’ has meanwhile been removed from the Play Store by Google, as MSPU reports here. The malware was found by Kaspersky security researchers. They published a report and reported the app to Google. ‘Cam Scanner’ has been downloaded by 100 million Android users, so it is very popular. Please note that the app is known under different names like CamScanner, Phone PDF Creator and CamScanner-Scanner.

CamScanner has been a legitimate app without malware for quite some time. The app displayed ads for monetization and allowed in-app purchases. At some point, the developer seems to have integrated an advertising library in the latest versions of the app that was provided with a malicious module.

Kaspersky products recognize this module as Trojan-Dropper.AndroidOS.Necro.n. This malware has been observed in some apps preinstalled on Chinese smartphones. The module is a Trojan dropper that extracts and executes another malicious module from an encrypted file contained in the app’s resources. This malware is a Trojan downloader that downloads more malicious modules, depending on what its developers are currently up to.

For example, an application that uses this malicious code can display intrusive ads and sign users up for paid subscriptions. Some users of the CamScanner app have already discovered suspicious behavior and left ratings on the app’s Google Play page with warnings to warn about this app. It looks like the app developers have removed the malicious code with the latest update to CamScanner.


Advertising
This entry was posted in Android, Security and tagged , , , . Bookmark the permalink.

2 Responses to Android PDF-Creator ‘Cam Scanner’ shipped with malware

  1. facebook says:

    Actually, the cam scanner was a legitimate app. Google took down the app listing from the Play Store after Kaspersky reporting their findings, but the researchers noted that the app developers have removed the malicious code in their latest update.

  2. Scanner says:

    In all over the world, lot’s of users faced that issue of showing the ads in cam-scanner. Many users giving negative feedback regarding this issue on the play store and even on the App store. This was actually a serious issue.

Leave a Reply

Your email address will not be published. Required fields are marked *