It has long been the case that malicious codes, such as viruses, various Trojans and others are the prerogative of computers only. Over time, they are becoming more common, even in the case of our mobile phones regardless of the brand, whether it is a phone Xiaomi, Samsung, Huawei and the like., and they are often distributed through many common channels that they should not be. One of them is the Google Play store, where from time to time it slips something it shouldn’t, even though the store generally has the best protection mechanisms.
The latest malware alerted by the malwarebytes security group has been distributed through a regular application that serves as a Barcode Scanner. About the bad app informing technology portal vosveteit. It is a popular application with more than 10 million downloads in Google Play, what is quite much.
The simple Barcode Scanner has turned into “devilish” software
While Barcode Scanner (com.qrcodescanner.barcodescanner) has long looked like an innocent application, everything changed in early December last year, when an update was released for it. However, it did not bring new features, but malicious malware.
Most free apps contain some kind of advertising. This is done by inserting an ad SDK into the code of application. In the case of paid applications, this kit is usually absent because developer is earning money by different way how to show ads. However, some developers abuse this piece of code and work more aggressively with advertising. Therefore, they are later included in the category of Adware.
“In the case of the Barcode Scanner, malicious code has been added that was not in previous versions of the application. In addition, the added code used heavy fogging to prevent detection. To verify that it came from the same application developer, we have confirmed that it was signed with the same digital certificate as the previous clean versions. Because of his malicious intent, we skipped our original Adware detection category directly to Trojan with Android / Trojan.HiddenAds.AdQR detection.”
The application above actively displays ads outside the application’s interface, while among other things, it automatically opens users to malicious websites or displays various alerts. It all happens in the background without having the app turned on.
If you have the application installed on your device, we recommend that you remove it from your smartphone as soon as possible.