Android users warned as single Google Play Store app infects 10million devices

We will use your email address only for sending you newsletters. Please see our Privacy Notice for details of your data protection rights.

Android fans are being warned about a popular app found on the Google Play Store app marketplace. Security experts MalwareBytes towards the end of last year started receiving reports about the Barcode Scanner app from LAVABIRD LTD, which has over 10million installs. All of sudden users that had downloaded the app reported that ads were opening on the default browser on their Android device out of nowhere.

MalwareBytes received a tip-off that the offending culprit was the Barcode Scanner Android app.

The app has since been taken down from the Google Play Store after MalwareBytes notified the Mountain View firm.

And it was discovered that the app, which looks like it had remained innocuous for years, turned into “full on malware” following an update.

Revealing the threat in a post online, MalwareBytes said: “In the case of Barcode Scanner, malicious code had been added that was not in previous versions of the app.

“Furthermore, the added code used heavy obfuscation to avoid detection.”

Google Play Store: How to update on an Android device

In their study MalwareBytes also shared a short video showing the nefarious code in action.

In the clip the home screen of an Android device is shown, and out of nowhere the browser opens up.

The browser heads to a spam page with an annoying advert that tries to get the targeted user to download an app.

Prior to the Barcode Scanner app being taken down the download had received tens of thousands of positive reviews.

While the app has been removed from the Play Store, if you still have the app on your Android phone then you could be at risk.

If you have downloaded installed Barcode Scanner previously then MalwareBytes advises removing the app manually.

Alternatively, if you have a malware scanner on your Android phone then it should be able to detect the threat.

MalwareBytes went onto add: “It is hard to tell just how long Barcode Scanner had been in the Google Play store as a legitimate app before it became malicious.

“Based on the high number of installs and user feedback, we suspect it had been there for years. It is frightening that with one update an app can turn malicious while going under the radar of Google Play Protect. It is baffling to me that an app developer with a popular app would turn it into malware. Was this the scheme all along, to have an app lie dormant, waiting to strike after it reaches popularity? I guess we will never know.”

Source: Read Full Article