This Malicious App on Google Play Infected 10 Million Users
Google has some policies and checks in place to prevent malware from reaching apps downloaded from the Play Store. However, at times, malicious apps and updates find their way to the users. Something similar happened recently with an app called Barcode Reader.
According to a recent report by the Malware Bytes, the application was loaded with malware via an update. It had more than 10,000,000 installs and was being used by users for as long as seven years.
Malware Bytes reports that the nefarious update was tracked to 4th December 2020. Once the update was in place it began serving ads to users by way of incessant pop-ups. A Malwarebytes forum user noted the influx of ads and alerted the cybersecurity firm which investigated. As soon as Malware bytes started receiving reports about the Malware, it added the Google Play detection and the app was immediately removed.
Malware bytes writes,
In the case of Barcode Scanner, malicious code had been added that was not in previous versions of the app. Furthermore, the added code used heavy obfuscation to avoid detection. To verify this is from the same app developer, we confirmed it had been signed by the same digital certificate as previous clean versions. Because of its malign intent, we jumped past our original detection category of Adware straight to Trojan, with the detection of Android/Trojan.HiddenAds.AdQR.
We still don’t know if the app was hijacked or if it was originally made with malicious intent.