Google has removed a popular Android barcode reader app with more than 10 million installs from the Google Play Store after researchers discovered that it had turned malicious following a December 2020 update.
After sitting idle for years, Barcode Scanner, a formerly legitimate app developed by Lavabird, received an update that took over users' devices with malicious code.
The barcode reading app is now flagged by security vendors as malware.
The malicious behavior experienced by millions of users included the default browser launching without any user interaction and showing ads promoting other, potentially harmful Android apps.
Nathan Collier, a Malwarebytes researcher, said: Many customers have had the app installed on their mobile devices for extended periods of time, and after an update in December, it became malware.
It is reported that this is not the first time that malicious code has been found in Android applications.
Typically, such incidents involve third-party SDKs that free versions of apps use to display ads for monetization.
However, in this case, the opaque malicious code was compiled into the app, signed with it, and installed on the devices of more than 10 million users in one fell swoop.
Collier added: To verify that this update is from the app developer itself, we made sure that it was signed with the same digital certificate as previous legitimate versions.
Looking at its malicious target, the researcher said, we bypassed the original Adware detection class and went directly to Trojan, with Android/Trojan.HiddenAds.AdQR as the detection.
Google removed the Barcode Scanner app developed by Lavabird from the Google Play Store after receiving information from Malwarebytes in December.
However, millions of other devices may still be affected and serving unwanted ads to their users.