A popular Android app contains malware and must be immediately deleted from your mobile device if you have it. The app goes by the name CamScanner and the malware has been detected by Kaspersky Labs, a cybersecurity firm.
The app is used to create PDF and it is said that the earlier versions of the app did not have any issues. Even now, the app itself may be clean but is carrying some ads, one of which is a malware that can download a trojan, which can get into your device and play havoc. CamScanner has been downloaded on some 100 million Android devices, it is learnt.
Kaspersky Labs has posted a blog on this describing how the app was a harmless one till recently. Most free apps in the Play Store come with ads and ask you to make in-app purchases. These by itself need not cause you any concern. It is only when these ads carry malicious content that the problem starts. Some of these malicious files are so dangerous that they can act on their own and download programmes from external sources and plant them in your device without your knowing what is happening.
In the case of CamScanner, the malicious file has been identified as “Trojan-Dropper.AndroidOS.Necro.n” This is the module that does the dirty tricks and one of the most dangerous actions it does is to sign up for paid subscriptions automatically. You will keep getting intrusive ads causing unwanted disruption while using your device.
Following Kaspersky’s detection and report, Google has arranged to remove the app from Play Store. If you had downloaded the CamScanner app, have it uninstalled as soon as you read this.
It has to be said that Google has been working on making the Play Store a much cleaner place than it used to be. After repeated comparisons on how it is difficult to place an app in the App Store of iOS whereas Android apps can be easily included, Google tightened its policies on admitting apps and the past several months have seen millions of apps being removed from the store. Many permissions, which were earlier given to apps have been curtailed. Apps were indiscriminately seeking permission to access your location and other details. Now, only those apps for which location is relevant are given the permission and that too only till the function is on. The moment the task is completed the access to location will be off.
Despite all these, individual users of devices have to take their own precautions to protect their devices and the data in it.