A hugely popular Android app that takes high quality photographs of documents has been found to contain malware. Cam Scanner has been downloaded more than 100 million times by Android users. However, cyber-security researchers at Kaspersky say they found that a recent version contained malicious code in the part of the app that delivers ads.
The malware could have made it possible to show users intrusive ads or snoop on login credentials. Kaspersky’s researchers noted that Cam Scanner was a “legitimate” app, but think that the snippet of malicious code found in it was third-party code used to serve ads within apps.
A spokeswoman for Kaspersky told the BBC that researchers did not examine the iPhone version of Cam Scanner to see if it was also affected. The free version of Cam Scanner for Android is currently not available on Google’s Play Store in the UK. Cam Scanner said it had released a new version of the app, with the malicious code removed.
I have Cam Scanner installed, what should I do?
If you have automatic updates enabled for your apps, which many people do, there is a chance you have a version of CamScanner containing malware on your device. If in doubt, it is best to delete CamScanner and wait for a new version to be launched and tested by cyber-security researchers, said Matthew Hickey at security firm Hacker House.
Users may also use an anti-virus app to check for any malicious software that might have been installed. “It is said the average consumer has around 40 applications on their phone they will use frequently, so ensure you regularly review any of those applications that you are not using,” he told the BBC.
Mr Hickey also advised users who have mobile banking apps to be particularly cautious and use an anti-virus app that can regularly check for malicious code. This was important because there had been a “sharp increase” recently in discoveries of malware infecting apps on the Google Play app store, he added.