Google recently had to remove the popular CamScanner PDF Creator app from the Play store after learning that it had started delivering malware.
Published by Shanghai-based CC Intelligence, a company that specializes in optical character recognition, the CamScanner app had been downloaded over 100 million times since becoming available on the Google Play store in 2010.
The company had relied on ads and an in-app purchase model to earn revenue from the app. Unfortunately, according to the antivirus firm Kaspersky, recent versions of the app included a new advertising library that contained the malware. The malware was designed to show intrusive ads and to sign unknowing users up for paid subscriptions.
Although malicious code is in many cases knowingly installed, this incident looks more like a case where the developers accidentally used a malicious ad library.
According to Kaspersky researchers Igor Golovin and Anton Kivva, "It can be assumed that the reason why this malware was added was the app developers' partnership with an unscrupulous advertiser."
Kaspersky also notes that the app developers appear to have removed the malicious code in more recent updates to the CamScanner app.
As Kaspersky researchers noted, "What we can learn from this story is that any app — even one from an official store, even one with a good reputation, and even one with millions of positive reviews and a big, loyal user base — can turn into malware overnight. Every app is just one update away from a major change."