Google Play Store is in the spotlight again. An app called CamScanner, which has been available since back in 2010 has unfortunately started to install malware.
Google managed to remove the highly popular CamScanner PDF creator Android app from the Google Play Store after it was able to learn that it had recently started to deliver malware.
The CamScanner app which is published by the developer called Shanghai-based CC Intelligence has been downloaded more than 100 million times from the Google Play store since it was first made available in 2010.
ZDNet notes the following details on the application:
“The company specializes in optical character recognition (OCR). Beyond its CamScanner app with OCR text-reading functionality, it sells apps that capture text from business cards, including CamCard and CamCard for Salesforce.”
This company has relied on ads and also in-app purchases in order to earn revenue from the CamScanner.
On the other hand, according to some researchers at the Russian antivirus company called Kaspersky, some recent version of the app used to include a new advertising library that included a Trojan that was designed to deliver malware to Android phones.
Malicious code was showing intrusive ads
According to official notes coming from Kaspersky, the “malicious code may show intrusive ads and sign users up for paid subscriptions.”
ZDNet noted that intrusive ads are “pesky”, but no consumer wants to pay for subscriptions they never signed up for.
The online publication mentioned above noted that this trojan dropper has been configured to connect to the attackers’ servers, download additional code and then execute the code on Android devices that have this app installed on them.
“It can be assumed that the reason why this malware was added was the app developers’ partnership with an unscrupulous advertiser,” according to Kaspersky researchers Igor Golovin and Anton Kivva.