Update: CamScanner has recognized that a malicious module was present in the CamScanner Advertising SDK Version 5.11.7. The SDK was apparently provided by a third party called AdHub and was producing clicks from unauthorized ads. The company says it will take immediate legal action against Adhub since the injection of any suspicious code violates the company’s security policy. In addition, no evidence of document leakage has been found after “rounds of security checks”. Apparently, CamScanner has removed all ad SDKs that are not certified by Google Play and is releasing a new version that can be currently downloaded from the company’s website.

“This” discarded “malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what their creators are doing at the moment. For example, an application with this malicious code can display intrusive ads and register users for paid subscriptions, “says the Kaspersky blog. We verify that the CamScanner application has been removed from the Google Play Store. However, Kaspersky reports that the developers of the application removed the malicious code with the latest update. However, since the version of the applications varies for different devices, it is recommended to uninstall it, since your device could have an earlier version of that application that contains the Trojan Dropper malware module.

There is a good chance that you know the CamScanner application, which is available on both Android and iOS. The “Phone PDF Creator” or “Scanner to Scan PDFs” application had more than 100 million downloads, before being launched from the Google Play Store. Kaspersky Labs researchers found malware in recent versions of the popular OCR application (optical character recognition). Apparently it housed an advertising library that contained a malicious module that Kaspersky researchers identified as ‘Trojan-Dropper.AndroidOS.Necro.n’. According to the report, this particular malware module was previously detected in some applications that were preinstalled on some Chinese smartphones.

The malware module was detected only in the Android version of the application and it seems that its iOS version is still available in the App Store, probably due to Apple’s strict application research policies. As Kaspersky’s blog points out, CamScanner was a pretty good application that offered remarkable functionality. While it showed ads to generate revenue, there were options for in-app purchases and to purchase a separate License to remove ads. However, the Trojan Dropper module inside the application is said to extract and execute another malicious module from an encrypted file included in the application’s resources.

This is not the first time that Google prohibits the applications of a developer who commits advertising fraud. A few weeks ago, another popular application developer, DU Group, was also accused of committing advertising fraud through its applications. DU Group had some popular applications in the Play Store that were downloaded by many users: Omni Cleaner, RAM Master, Smart Cooler, Total Cleaner and AIO Flashlight, in addition to Selfie Camera.

“We actively investigate malicious behavior, and when we find violations, we take action, including eliminating a developer’s ability to monetize your application with AdMob or publish on Play,” a Google spokesman said in the BuzzFeed News report.

This is not the first time an application has overlooked the application verification process of the Google Play Store. While it can also be difficult to keep up with thousands of applications and their updates that are released on the platform, Google needs to step up its game if it wants to assure users that Play Store is the safest place to download Android applications from.

Previous articleUS Open: Hurting Djokovic, slow-starting Federer advance
Next articleSaaho movie review: A damp squib
Raj Patel is our resident geek with a Degree in Computer Science, he LOVES to write about the Entertainment, world and New Technology Development around the Globe. It’s always interesting to watch what he posts. David keeps thing very, very interesting indeed. He also writes for another website on the Internet.


Please enter your comment!
Please enter your name here