Trojan Android PDF Converter App Spotted On Google Play

Google stands as an enviable counter part in the mobile industry with Android having a massive market share of more than 75-percent. But, it also has its task cut out to make its ecosystem safe from cybercriminals.

Over the years, the search engine giant has brought in stringent measures to control malware and adware-laced apps entering the Play store, but some intelligent hackers succeed to sneak in their malicious apps to prey on millions of naive phone users.

In the latest development, Kaspersky researchers have detected malicious nodule ‘Trojan-Dropper.AndroidOS.Necro.n’ in the Android CamScanner app. The latter used to be a legitimate Portable Document Format (PDF) converter app with OCR (optical character recognition) capability and a popular one too, with more than 100 million installs on Google Play store. It also used to have legal ad banners and also in-app purchases in the app for monetisation purpose. 

But, the CamScanner developers probably got greedy and recently added a Trojan-Dropper in the media library of the app, which worked in the background. It used to install adware and also subscribed to paid services without the Android phone owner’s consent. 

Some users got a whiff of the illegal activities of the CamScanner and posted negative reviews on Play Store and this drew the attention of Kaspersky security experts. Upon closer observation, they found malicious codes in the advertisement library.

Kaspersky researchers informed Google about CamScanner app’s misdeeds and the latter has removed it from the Play store with immediate effect.  Users who installed the aforementioned app on their Android phone are advised to uninstall it as soon as possible.

In a related development, Google, earlier in the month, dropped 27 gaming apps from Play store. They used to force Android phone users to install a fake Google Play store app and flood the home-screen with full-page ads.

Here’s How to safeguard your mobile phone from adware and other malicious threats:

1) Whether you have an Android mobile or iOS-based iPhone, always stay updated with the latest software. Both Google and Apple send regularly send firmware — especially security patches monthly or on a priority basis, whenever they detect threats. So, make sure you install the latest software.

2) Another good practice is to install a premium Antivirus software on mobile, which offer 24×7 protection. They are equipped to detect threats quickly whenever you unknowingly visit a shady website

3) Never ever open emails or SMS and click URL links sent from unknown senders 

4) Also, never install apps from unfamiliar publishers. 

5) Always download apps from Google Play or Apple App store only. Never install from any third-party app store.