Nothing is 100% safe anymore. Researchers have found a Trojan-Dropper malicious virus hidden inside Cam scanner, an Android app with more than 100 million downloads on Google Play Store! The malware was found by two Kaspersky security researchers, Igor Golovin, and Anton Kiva. The app was following a series of negative reviews for the last few months and while researching for the cause, the team of two found the faulty virus.
Cam scanner is a free app on the Google Play store that turns an Android mobile device into a portable scanner. It scans and manages documents, receipts, bills, business cards, certificates and so on.
The intrusive module so identified in Cam scanner is a Trojan virus called Trojan-Dropper. It can extract and run a second malicious component accommodated within the app. This can be leveraged to infect people’s devices with other kinds of malware.
What happens when you download and run the Cam Scanner app is, the dropper decrypts and executes malicious code contained in a “mutter zip” file present inside of the app before downloading encrypted code from the control server.
The virus functions to download and launch a payload from other malicious servers, hence infecting your device. As a result, the owners of the malicious module can use an infected device to their benefit by showing the victim unwanted advertisements and maybe even stealing money from their mobile accounts by charging paid subscriptions.
But thankfully, the virus did not reside in the code of Cam Scanner app itself, instead, it’s part of a 3rd party advertising library that was recently included in the app.
After discovering such intrusive activities, the researchers promptly reported the findings to Google, who then removed the app from its Play Store. Similarly, the app developers have reportedly gotten rid of the virus and with the latest update of Cam Scanner. However, if you are running the previous version of the app, the virus might still be contained in the app, say the researchers.
But, if anyone is using the paid version of the app which does not include 3rd party advertising, then those people are safe from the infectious module as reported by the developers.
So, the conclusion that can be drawn from this is that any app, even if it is from the most trusted store, even the ones with trusted reviews can turn into malware overnight. So, your safety is in your hands. Everybody is strongly advised to always keep a good antivirus app on your Android device to detect and block such malicious activities before they can infect your device.
Also, one should keep a check for the latest reviews of the app and verify app permissions before installing any application.