Once again, the Google Play Store is being called out, this time over an app called CamScanner in which malware was discovered. The app, downloaded more than 100 million times, contained "Trojan-Dropper" malware in its most recent version.
The malware was exposed in a report from the security vendor Kaspersky. CamScanner, an Android application for creating PDF files, carried the malicious code.
"CamScanner was actually a legitimate app, with no malicious intentions whatsoever, for quite some time. It used ads for monetization and even allowed in-app purchases. However, at some point, that changed, and recent versions of the app shipped with an advertising library containing a malicious module."
Kaspersky calls this type of malware a "Trojan-Dropper". In practice, a Trojan-Dropper is designed to secretly install the malware embedded in its code, typically Trojans, on victims' computers. "For example, an app with this malicious code may show intrusive ads and sign users up for paid subscriptions," says Kaspersky. Several users of the app had even reported the problem in comments on the Play Store, with many citing "suspicious behavior".
As soon as it was alerted, Google removed the app from the Play Store. The developers also removed the malware from the application code in the latest update.
A recurring problem in the Play Store
This case is yet another reminder of Google's difficulty in correctly filtering the applications published on its app store. The Mountain View firm may be making efforts in this area, but it still does not seem able to offer the same security as iOS and its App Store. As a result, a case like this comes to light almost every month. Even if the store gives developers greater freedom to publish their applications, it should be able to prevent this kind of incident, especially for updates to applications that already have millions of downloads.