Google is removing a popular barcode reader app
Google has deleted a popular Android barcode reader app with more than 10 million installations from the Google Play Store after researchers discovered it had become malicious after the December 2020 update.
After being idle for years, the previously legitimate Barcode Scanner app developed by Lavabird has been self-updating and has taken over users' devices with malicious code.
And the barcode reading app is now flagged by security vendors as malware.
The malicious behavior that millions of users suffered included watching the default browser run without any user interaction and displaying ads promoting other, potentially harmful Android apps.
"Many customers have installed the app via their mobile devices for extended periods of time," Nathan Collier, a researcher at Malwarebytes, said, and after updating it in December, it became a malware.
It is reported that this is not the first time that malicious code has been found in Android applications.
Such incidents usually involve using third-party SDKs via free versions of apps in order to display ads for monetization.
However, in this case, the opaque and signed malicious code with the app was compiled and installed across the devices of more than 10 million users in one fell swoop.
Collier added: To verify that this update is from the app developer itself, we made sure that it was signed with the same digital certificate as previous legitimate versions.
Looking at its malicious target, the researcher said, we directly bypassed the original Adware to Trojan detection class, with Android / Trojan.HiddenAds.AdQR detected.
Google removed the Barcode Scanner app developed by Lavabird from the Google Play Store after receiving information from Malwarebytes in December.
However, there may still be millions of other devices affected and serving unwanted ads to their user base.