This popular Android app may have served up malware to millions
Google Play Pass app Barcode Scanner went from legitimate to malicious with just one update
A Google Play Pass app called Barcode Scanner has been accused of spamming millions of users with unwanted adverts.
The news came from users on the forum of security firm Malwarebytes, who began noticing that ads were randomly opening in their web browsers on their Android devices.
Developer LavaBird LTD's app Barcode Scanner previously allowed users to scan QR codes and generate barcodes before it received an update in December of last year. After the update, though, what was once an innocent scanner turned into full-on malware.
The Barcode Scanner app then began opening users' default browsers and showing them ads for other apps as well as recommending that they upgrade apps already installed on their devices in order to boost their performance.
The app in question had over 10m installs on the Google Play Store before it was taken down, though some users may still have it installed on their devices.
Malicious update
In order to provide apps to users for free, many free apps on Google Play include some kind of in-app advertising by including an ad SDK in their code. However, sometimes an ad SDK can change something on their end that makes their ads become more aggressive. Sometimes these changes can even transform an app into adware.
However, with Barcode Scanner, this wasn’t the case as the malicious code added in the update was not found in previous versions of the app. Malwarebytes also discovered that the added code used heavy obfuscation to avoid detection. The cybersecurity firm also verified that the update came from LavaBird LTD by confirming that it had been signed by the same digital certificate as previous versions of the app.
Due to Barcode Scanner's obvious malicious intent, Malwarebytes looked even further into the app's code to discover a trojan in the form of Android/Trojan.HiddenAds.ADQR.
Users that still have Barcode Scanner installed on their devices should delete the app immediately to avoid being served unwanted and even malicious ads in their browsers.
Via Android Police
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.