Affiliate links on Android Authority may earn us a commission. Learn more.
CamScanner returns to the Play Store after getting booted for malware (Updated)
Update, September 5, 2019 (6:05PM EST): In a statement sent to Android Authority, CamScanner confirmed the app is back on the Play Store with version 5.12.5. It also urged users to download or update the new version, though iOS versions are unaffected.
According to CamScanner, there’s no evidence of leaked document data as a result of the malicious codes. That said, it temporarily removed all advertising SDKs for security purposes. CamScanner didn’t provide an update on its “legal actions” against AdHub’s advertising SDK, which was blamed for the malicious codes.
Original article, August 28, 2019 (3:32PM EST): With over 100 million installs, CamScanner is one of the most popular scanning apps on the Play Store. That didn’t matter much to Google, which removed the app from the Play Store due to malicious code discovered yesterday.
According to security firm Kaspersky, the malicious code was spotted in several CamScanner updates published between June and July. Researchers identified the code as Trojan Dropper, software also discovered in some pre-installed apps on Chinese smartphones.
Trojan Dropper extracts and runs other malicious code from an encrypted file in the APK. The other malicious code was identified as Trojan Downloader, which downloads other malicious code based on what the app creator wants to do. For example, CamScanner showed intrusive ads and signed up some users to paid subscriptions they didn’t consent to.
Kaspersky reported its findings to Google, which took down CamScanner from the virtual app storefront. However, Android Police reported today the app is back up on the Play Store. The outlet also noted every app update since August 1 with version 184.108.40.20690730 has been clear of Trojan Dropper.
In a statement released on Twitter today, CamScanner placed the blame on a third-party advertising SDK provided by AdHub. According to CamScanner, the SDK was reported for containing the Trojan Dropper module and producing “unauthorized advertising clicks.” The app maker also said it “will take immediate legal actions against AdHub.”
CamScanner also released a statement near the end of July. The statement insinuated the app was fine, with people urged to update their antivirus apps and download antivirus apps directly from the Play Store.