Google removes malicious app downloaded over 100mn timestext_fields
San Francisco: Google has removed a hugely popular Android app on Play Store that scans files and converts them into PDFs and has been installed over 100 million times.
After cyber security firm Kaspersky found the problem with the app called CamScanner, it reported the issue to Google which has taken it off from Play Store.
"The popular CamScanner -- the phone PDF creator app -- caught our attention. The developers position it as a solution for scanning and managing digitized documents, but negative user reviews that have been left over the past month have indicated the presence of unwanted features," said Kaspersky researchers Igor Golovin and Anton Kivva in a blog post.
After analyzing the app, they saw an advertising library in it that contains a "malicious dropper component".
Previously, a similar module was often found in preinstalled malware on Chinese-made smartphones.
"It can be assumed that the reason why this malware was added was the app developers' partnership with an unscrupulous advertiser," the researchers noted.
The team reported to Google about the findings and the app was promptly removed from the Google app platform.
"The 'Trojan-Dropper.AndroidOS.Necro.na' functions carry out the main task of the malware: to download and launch a payload from malicious servers.
"As a result, the owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions," the researchers noted.