Home Security An Old Android App With 100M Downloads Started Delivering Malware

An Old Android App With 100M Downloads Started Delivering Malware

by ethhack

An old Android app stealthily targeted a Millions of Android users. As discovered by the researchers, CamScanner, an app that existed for at least 8 years and had over 100 million downloads, barraged users with malware.

Old Android App Became Malicious

Researchers from Kaspersky Lab discovered how an old existing Android app suddenly turned malicious. As identified in their blog post, CamScanner, a pdf creator app delivered malware to users.

The application caught the attention of the researchers when they noticed some bad reviews. As stated in their blog post,

The developers position it as a solution for scanning and managing digitized documents, but negative user reviews that have been left over the past month have indicated the presence of unwanted features.

Scratching the surface revealed that the app contained a malicious dropper component Trojan-Dropper.AndroidOS.Necro.n, probably meant for advertising purpose.

It can be assumed that the reason why this malware was added was the app developers’ partnership with an unscrupulous advertiser.

Following the execution of the app, this component decrypted and executed the malicious code.

The function of the malware dropper was to download the payload from malicious servers and execute it on the target device.

Google Removed The App From Play Store

The CamScanner app has existed on Google Play Store since 2010. The app had over 100 million downloads and pretty good ratings. It also worked fine as a PDF creator application for Android devices. However, lately, it started delivering malware to the users.

Upon noticing this malicious activity with the app, researchers promptly reported the matter to Google. Following the report, Google removed the app from the Play Store.

In similar news, researchers also discovered how the open source AhMyth malware bundled with a radio app made it to the Play Store. This malware bypassed Google’s security checks at least twice to target Android users.

Let us know your thoughts in the comments.

The following two tabs change content below.
Avatar
Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Source link

Related Articles

Leave a Comment

deneme bonusu veren sitelerbahis casinomakrobetceltabettipobet365pinbahispolobetpolobet girişpinbahis girişmakrobet girişpulibet girişmobilbahis girişkolaybet giriş