Malware found in free version of CamScanner for Android
Free version of highly-popular Phone PDF creator app “CamScanner” let bad actors to remotely hijack your Android device and steal data stored on it.This app exceeds 100 million downloads on Google Play Store.But last few months many “CamScanner” users posted negative feedback for the app in play store afters identifying some suspicious behavior.Also many of these reviews highlighted that these malicious behaviors started to show after recent updates of “CamScanner” app.
Later Kaspersky security researchers investigated this app and found a hidden Trojan Dropper module that could allow bad actors to install malware on users’ devices without any background clue. “trojan dropper”, is a malicious program which can extract and execute a secondary malware inside the original program. Although this malicious module dose not belong to the original “CamScanner” code and its from a recently introduced third party advertising library .Kaspersky reported this to relevant parties and later google removed the free version of this app from play store.However paid version of this app dose not include this malicious advertising library ,So it still available in playstore.
If you still use this app on your android device just uninstall it.And also you can switching to alternatives like Microsoft OneNote, Google Drive, or Apple Notes.Kaspersky lab further revealed that the same component was also previously observed in some apps per-installed on Chinese smartphones.