According to its official description, Camscanner scans documents using optical character recognition (OCR) and converts them into PDF files. The app appears legitimate and seemingly depends on advertisements revenue and in-app subscriptions to keep it running, but it’s clear that somewhere down the line, one of these advertising libraries contained the malicious module. Researchers at Kaspersky named the malware “Trojan-Dropper.AndroidOS.Necro.n,” or simply Trojan-Dropper. According to the reaserchers, the trojan malware extracts and run malicious modules in the background. To make things worse, the malware creator can use it for their benefit in any way they deemed profitable. Kaspersky also mentions that this module is often found in some pre-installed app in Chinese smartphones. Enabling the module to display intrusive ads and sign up users for paid subscriptions without consent. Researchers at Kaspersky has since escalated the malware issue to Google. At the time of writing, Camscanner has already been taken off Google Play Store, although the licensed and HD version of the app is still available.
Google Play Store is usually safe, and Android users have had the option of reviewing an app before they’re even installed on the device. Unfortunately, there are unscrupulous coders are able to sneak their malware on to certain apps on the Play Store from time to time. (Source: Arstechnica, Kaspersky)