Security News > 2021 > February > Google Play Boots Barcode Scanner App After Ad Explosion
A barcode scanner app, with over 10 million downloads, was booted from the Google Play marketplace after users began to complain of mobile-ad overload. The makers of the app, called Barcode Scanner, intentionally altered the code of the app via an update turning it from a benign app to adware, according to researchers.
Tipped by a user, researchers at Malwarebytes explained, the publisher added new heavily obfuscated code to the app that directed the default mobile web browser to launch and serve-up ads - whether the barcode app was active or not.
"Although Google has already pulled this app, we predict from a cached Google Play webpage that the update occurred on Dec. 4, 2020.".
If the Barcode Scanner app has permission to open a new Google Chrome pop-up," Sahar said.
For the millions of users still infected with the Barcode Scanner trojan, Malwarebytes recommends installing a malware scanner or just removing the app altogether.
"It is baffling to me that an app developer with a popular app would turn it into malware. Was this the scheme all along, to have an app lie dormant, waiting to strike after it reaches popularity? I guess we will never know."
News URL
https://threatpost.com/google-boots-barcode-scanner-app-ad-explosion/163803/