Security researchers at Kaspersky discovered malware in various versions of the Android app “CamScanner” that were published to the Google Play store in June and July. You should remove it from your Android phone right now if you haven’t updated the app to any versions released since June 30, and even then, we recommend deleting it regardless.
Why the caveat? According to the researchers, recent versions of the CamScanner app appear to be free from the troublesome “Trojan Dropper” malware that got packed into previous iterations of the app. As they describe in a blog post:
“Kaspersky products detect this module as Trojan-Dropper.AndroidOS.Necro.n, which we have observed in some apps preinstalled on Chinese smartphones. As the name suggests, the module is a Trojan Dropper. That means the module extracts and runs another malicious module from an encrypted file included in the app’s resources. This “dropped” malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment.
For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions.”
According to Android Police, CamScanner’s malware first appeared in the June 16 update of the app (version 126.96.36.19990616), and persisted through the app’s June 25 update (version 188.8.131.5290725). It was removed starting with the June 30 app update (184.108.40.20690730).
However this malware got into the app, and regardless of whether its latest version is clean or not, the incident was severe enough to earn CamScanner a temporary ban from the Google Play store. You’ll still be able to find “CamScanner HD” on Google Play, but the original “CamScanner” app appears to be gone—and developer INTSIG is now asking users to sideload a version of the app on their devices instead of linking to the Google Play store. (“Hmm,” we say.)
Our advice? CamScanner betrayed your trust, and it’s time to switch to an app you won’t have to worry about. Remove it and install a better document-scanning app, such as Adobe Scan or Microsoft Office Lens. You can even use the built-in scanner found in the Google Drive app, if you prefer. All are solid options, especially since they have never attempted to infect your device with crap you don’t want.