Google has kicked out CamScanner from Play Store after being found to be spreading malware. According to researchers at Kaspersky, recent versions of the popular Optical Character Recognition (OCR) Scanner app have shipped with an advertising library containing a malicious module. If you had the app updated/installed between June and July, you are most likely affected, and are advised to delete the app.
Kaspersky says the module that’s identified as Trojan-Dropper.AndroidOS.Necro.n has been observed in some apps that come pre-installed on many Chinese smartphones. Users would witness intrusive ads, and would also be unknowingly signed up for paid subscriptions. The module is designed such that it connects to the user’s server and download additional code.
Kaspersky says the current version of the app is free of the malicious code. But on Play Store, the official CamScanner app is no longer available. Only the licence app, plus other similarly named apps from different developers are available.
CamScanner in a statement are asking its users to sideload their app, by downloading the APK. They also say they’ll be taking legal action against AdHub, and promise to be back on Play Store. The iOS app is still available, and wasn’t mentioned by Kaspersky.
Kaspersky is one of the world’s leading cybersecurity and anti-virus providers. In their post on CamScanner, the company says, “What we can learn from this story is that any app — even one from an official store, even one with a good reputation, and even one with millions of positive reviews and a big, loyal user base —can turn into malware overnight.”
Here are some alternatives to CamScanner:
- Adobe Scan – This is what I use. I love it. It works like magic, and syncs my documents making them accessible anywhere for free.
- Google’s inbuilt scanner found on Google Drive App
- Microsoft Office Lens
- There’s many others if you search – but beware of malware…