Malware Infested Play Store App Expelled
The Play Store is home to over 4 million applications accessible through Android-powered devices and recently, Chromebooks. It is the single most populated application storefront where users can download apps (paid or free) on their smartphones, tablets, and laptops.
The large volume of programs would present an incredibly hard task of examining and removing malicious apps that are sometimes posted on the store even the entity at the helm is Googe.
Recent reports indicate that the task of identifying malicious programs can be overwhelming even for Google.
The reason for this is some of these programs seem to pop up from the most unlikely of places as reputable developers with a large following and impressive scores on the Play Store can be guilty of pushing apps that are riddled with malicious code.
Google was forced to bring down the hammer on hugely popular CamScanner app developed and manage by Shanghai-based CC Intelligence after the search giant learn it was serving the data snatching code through its app.
CamScanner, made available in 2014 isn’t the only app developed by CC Intelligence as the China-based company is specialized in OCR — acronym for Optical Character Recognition– through which it has created and distributed apps that capture text.
Through research conducted by Russia based antivirus company Kaspersky, it was discovered that recent flavors of the CamScanner app contain an advertising library that has a Trojan designed to deliver malware to Android devices.
Ads and in-app purchases are usually the means in which companies are able to generate revenue on the Play Store but this particular version of the app doesn’t only stop at showing intrusive ads, it goes further by signing unsuspecting users up for paid subscriptions.
As the researchers point out, the so-called trojan dropper is configured in such a way that it connects to the attackers’ servers, where additional code is automatically downloaded, and then quietly executed on an Android device that has the app installed.
The incident isn’t the first of its kind as Google was recently forced to remove over two hundred apps that affected over four hundred million Android users with an embedded ad library called BeiTaPlugin.
Kaspersky researchers argued that the two incidents could be similar and app developers are being duped into adding malicious code to their apps through partnerships with unscrupulous advertisers.