A malicious Trojan dropper module was found hidden in CamScanner, an Android app that has been downloaded over 100 million times by Google Play Store users.
Kaspersky security researchers found it while taking a closer look at the app after negative reviews were posted over the past few months.
The researchers found that the developer added an advertising library that contains a malicious dropper component.
The malicious component can be used to push ads to infected devices as well as install unwanted apps without the user’s knowledge. While CamScanner was initially a legitimate Android app, at some point that changed, and recent versions of the app shipped with this malicious advertising library.
“As a result, the owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions,” according to the researchers.
Google has removed the app from the Play Store after Kaspersky reported their findings, but they also added that it looks like the app developers got rid of the malicious code with the latest update of CamScanner.