CamScanner, an app downloaded by more than 100 million people, has been removed by Google. The application was recently found as a front for distributing malware on smart devices. Now, the search giant is getting rid of the app from Play Store. Security researchers from Kaspersky Lab revealed in its recent vulnerability report that Camscanner has been carrying malware. The app is a popular photo-scanning app that allows users to create PDF and has OCR capabilities.
The app has been found containing a malware module identified as ‘Trojan-Dropper.AndroidOS.Necro.n’ by Kaspersky Lab. This particular malware has been previously spotted in few apps that came pre-installed on some Chinese smartphones. The malware has been found only on the Android version of CamScanner app. It seems that the iOS version, which is still available, is not infected in any way. The researchers also note that the app is called by different names such as Phone PDF Creator and CamScanner-Scanner.
CamScanner’s removal from the Play Store highlights Google’s inability to keep malware-ridden apps away from Android users. In the past few months alone, the company has removed a number of apps. However, it has done so after it was highlighted by a security research firm. Check Point Software Technologies recently showed how Agent Smith malware affected over 25 million Android devices. It showed that 15 million of those devices were affected in India.
Google Play Store is usually considered the safest way to download applications. However, the recent events have proved that it is not 100 percent safe, after all. “The problem is that even such a powerful company as Google can’t thoroughly check millions of apps,” researchers said in a statement. “Keep in mind that most of the apps are updated regularly, so Google Play moderators’ jobs are never done.”
CamScanner like most other applications started as a legitimate app on the Play Store. It had no malicious intentions and used ads for monetization. It also allowed in-app purchases and its strategy seems to have changed. “The recent versions of the app shipped with an advertising library containing a malicious module,” Kaspersky observed in its blog.