The not-so-good side of Google Play has once again been revealed with the discovery of an app that has achieved more than 100 million downloads: the app contains a malicious component which downloaded secret payloads onto the infected Android devices.
Most of us have known CamScanner to be a legitimate app that provides useful functions for scanning and managing documents. In order to make a profit, the developers of the app not only displayed ads, but also offered in-app purchases.
However, things soon changed, as the harmless app that we knew was harmless no longer. The app was updated to add an advertising library which contained a malicious module. This component is what is popularly known as a “Trojan dropper.” This meant that it regularly downloaded encrypted code from a developer-designated server based at https://abc.abcdserver[.]com, then decrypted it and finally executed it on all the infected devices. The module, which has now been named Trojan-Dropper.AndroidOS.Necro.n, could download and execute whatever the developers wanted at any time. Researchers who have spent time on the app have also revealed that, surprisingly enough, they have found Trojan-Dropper.AndroidOS.Necro.n previously, lurking inside apps which happen to be preinstalled on some of the phones that have been sold in China.
A post from Kaspersky Lab, to which the researchers belonged, said: “The above-described Trojan-Dropper.AndroidOS.Necro.n functions carry out the main task of the malware: to download and launch a payload from malicious servers. As a result, the owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions.”
This incident underscores the challenge that Android users face when looking for useful apps on Google Play. It’s understandable that Google scanners can’t catch everything. The problem is all the more severe when you consider that some developers sneak malicious or unethical code into apps that have already successfully passed initial inspections. In this case, there is absolutely nothing that Google scanners can do.