Kaspersky CamScanner Alert:
Kaspersky CamScanner, Kaspersky security experts have detected malware in the free version of the popular CamScanner PDF creator program.
CamScanner is a very famous PDF creator application for phones with more than 100 million downloads in the Google Play Store. Kaspersky experts have discovered malware in the free Android version of the CamScanner application that attackers can use to remotely hack Android devices and steal target data.
Google has already removed the CamScanner application from the official Play Store and users must immediately remove the application from their Android device,
“After analyzing the application, we saw an advertising library with a malicious pipette. Previously, a similar module was often found in malware that was pre-installed on smartphones made in China. It can be assumed that the reason why this malware was added was the association of the developers of the application with an unscrupulous advertiser, “according to Kaspersky’s analysis.
“Kaspersky solutions detect this harmful component as Trojan-Dropper.AndroidOS.Necro.
2. Kaspersky products detect this module as Trojan-Dropper
“Kaspersky products detect this module as Trojan-Dropper.AndroidOS.Necro.n, which we have observed in some programs that are pre-installed on Chinese smartphones. As the name suggests, the module is a Trojan dropper.
After Google removed the CamScanner application from the Play Store, the application developers removed the malicious code from the application with the latest update. Researchers warn that application versions for different devices vary, and some of them may still contain malware.
The version pays if the application does not contain a third-party advertising library, this means that it does not contain malware and for this reason, Google has not removed it from the Play Store.
Last week, ESET experts discovered that an Android application infected with AhMyth open source RAT has escaped Google Play security twice for two years.
3. Last Month Reports
In December, ESET security researcher Lukas Stefanko discovered the first Android cryptocurrency clipboard hijacker posing as MetaMask in the official Google Play Store.
“What we can learn from this story is that any application, even one from an official store, even one with a good reputation and even one with millions of positive reviews and a large group of loyal users, can change malware from one day to the next tomorrow. “Kaspersky researchers concluded.