The Camscanner app had a module, specifically the Trojan Dropper module, that was found malicious. The module extracted and ran another malicious module from an encrypted file included in the app’s resources.Camscanner, an app used popularly to convert photos of your physical documents into PDF files, was recently found to have an advertising library containing a malicious module.
The module, specifically the Trojan Dropper module, was found malicious. It extracted and executed another malicious module from an encrypted file that was found within Cam scanner’s resources.The malware was first found by Kaspersky researchers.
The following is an excerpt from their blog post describing the malicious module:
[alert title=”ALSO READ” icon=”info-circle”] Google removes 27 dangerous apps from PlayStore, check this list to ensure they are not in your phone-Updated August 2019. CLICK HERE TO READ[/alert]
“Kaspersky products detect this module as Trojan-Dropper.AndroidOS.Necro.n, which we have observed in some apps preinstalled on Chinese smartphones.For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions.”
Beware! Attackers can remotely hijack your Android device and steal data stored on it, if you are using free version of CamScanner, a highly-popular Phone PDF creator app with more than 100 million downloads on Google Play Store.
As the name suggests, the module is a Trojan Dropper. That means the module extracts and runs another malicious module from an encrypted file included in the app’s resources. This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment.
Kaspersky reported the issue to Google and it was promptly taken off its Play Store. Some users of the CamScanner app had already spotted suspicious behavior and left reviews on the app’s Google Play page with warnings to avoid the app.
CamScanner was actually a legitimate app, with no malicious intentions whatsoever, for quite some time. It used ads for monetization and even allowed in-app purchases. However, at some point, that changed, and recent versions of the app shipped with an advertising library containing a malicious module.You can still download an app named ‘CamScanner HD’ from the Play Store, but we wouldn’t trust the authenticity of the app. For now, your best options to scan and convert PDF documents are Adobe Scan, Microsoft Office Lens or even the in-built scanning functionality of the Google Drive app.
If you have previously downloaded the app, we suggest you to uninstall the app to keep your data from getting compromised.