Security News > 2021 > February > Google Play Boots Barcode Scanner App After Ad Explosion

Google Play Boots Barcode Scanner App After Ad Explosion
2021-02-09 22:31

A barcode scanner app, with over 10 million downloads, was booted from the Google Play marketplace after users began to complain of mobile-ad overload. The makers of the app, called Barcode Scanner, intentionally altered the code of the app via an update turning it from a benign app to adware, according to researchers.

Tipped by a user, researchers at Malwarebytes explained, the publisher added new heavily obfuscated code to the app that directed the default mobile web browser to launch and serve-up ads - whether the barcode app was active or not.

"Although Google has already pulled this app, we predict from a cached Google Play webpage that the update occurred on Dec. 4, 2020.".

If the Barcode Scanner app has permission to open a new Google Chrome pop-up," Sahar said.

For the millions of users still infected with the Barcode Scanner trojan, Malwarebytes recommends installing a malware scanner or just removing the app altogether.

"It is baffling to me that an app developer with a popular app would turn it into malware. Was this the scheme all along, to have an app lie dormant, waiting to strike after it reaches popularity? I guess we will never know."


News URL

https://threatpost.com/google-boots-barcode-scanner-app-ad-explosion/163803/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995