Security Market Segment LS
Wednesday, 28 August 2019 11:43

CamScanner on Android contains malware Featured

By
CamScanner on Android contains malware Adapted from Kaspersky's report image

The free version of CamScanner on Android contains malware, remove it now.

CamScanner is a scan-to-PDF tool for mobile devices that has had in excess of 100M downloads and comes in a free (ad-supported) and in a paid version.

Researchers from Kaspersky have identified an issue with a recent version of CamScanner. The malware resides in the advertising plug-in, which is why the paid version continues to be safe. The actual CamScanner software continues to be safe, but it is obviously impossible to avoid the advertising module when the free version is used.

CamScanner has been available via the Google Play Store for some considerable time and it is only in the past few months that reports have surfaced of 'odd' behaviour. It appears that the developers added a new advertising management module that contained the module "Trojan-Dropper.AndroidOS.Necro.n" which has previously been observed in apps pre-installed on some Chinese smartphones.

According to Kaspersky, the module is a trojan dropper, meaning that "the module extracts and runs another malicious module from an encrypted file included in the app's resources. This 'dropped' malware, in turn, is a Trojan Downloader that downloads more malicious modules depending on what its creators are up to at the moment."

This means that it is capable of connecting to malicious servers to access whatever 'bad' modules the controllers want to execute on your phone.

More details of the malicious code and other important information may be found on Kaspersky's posting on SecureList. 

Google has removed the free version of CamScanner from the Play Store; the paid version remains.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments