A utility app by the name of Barcode Scanner was recently taken down from the Google Play Store. The app was found to contain malware and was downloaded over 10 million times from the official Google Play Store. While it has been taken down, users who have already installed the app on their phones may still be at risk.
According to a report by Nathan Collier, a security researcher at Malwarebytes, the app did what it advertised, allowing users to scan barcodes and obtain information. However, malicious code was found on a recent version of the app. This was discovered after the app started acting weird post-installation, and immediately began displaying adware and web redirects to potentially dangerous websites.
Collier also added that previous versions of the app did not feature the malicious code. The app was reportedly signed by the same digital certificate as previous versions, and came from the same developer ‘LavaBird LTD’.
“In the case of Barcode Scanner, malicious code had been added that was not in previous versions of the app. Furthermore, the added code used heavy obfuscation to avoid detection,” said Collier in the report.
Apps on Play Store with malicious code is not new
Malicious apps masquerading as utility tools to make themselves available on the Play Store is not new. Over the past few years, despite improved security measures and policies, a lot of apps that have malicious code often end up on the Play Store and it takes discovery to be made before the app can be taken down.
However, by that time, many people could already have the ..
Support the originator by clicking the read the rest link below.
