Popular Google Play App Turns Out to be Malicious, Infects Millions of Android Devices

Malwarebytes found that the Barcode Scanner app on Google Play infects its millions of users with one update that was issued in December 2020.

After a single update that was issued last year, a popular Google Play app turned into a malware-laced application that was capable of affecting almost 10 million Android devices.

The Android app—Lavabird Ltd's Barcode Scanner—has been available on Play Store for years. The app had 10 million instals and included a QR code reader, as well as a barcode generator.

From Trustworthy to Malicious

Malwarebytes
Malwarebytes

The app looked like legitimate which led millions of users to install it without facing any issues. But Malwarebytes recently revealed that some users have complained about unexpected appearance of adverts on their Android devices.

Usually, this issue appears when users install new app which includes malware or adware. But in the case of the Barcode Scanner, users said they did not install anything recently.

After investigating the issue, researchers found that the culprit is the Barcode Scanner, more specifically an update which was issued in early December, 2020.

The update changed the functions of the previously trustworthy app to push ads without warning. Malwarebytes said that Ad SDKs can come from third-party companies and it can also provide a source of revenue for the app developer—which is a win-win situation for everyone.

"Users get a free app, while the app developers and the ad SDK developers get paid. But every once in a while, an Ad SDK company can change something on their end and ads can start getting a bit aggressive," the cybersecurity company added.

The researchers found that the malicious code was pushed with the December update and was hidden to avoid identification.

google play store
Google Play

However, when Malwarebytes detected the issue with Barcode Scanner app, the security company informed Google. Later, the app was removed from the Play Store. Even though the Barcode Scanner is not available on Google's app store, the users who installed the malicious application earlier, should deleted it from the mobile manually.

"Unless Google Play Protect removes it after the fact, it remains on the device. This is exactly what users are experiencing with Barcode Scanner. Thus, until they install a malware scanner like Malwarebytes for Android, or manually remove the app, it will continue to display ads," explained the security company.

After a single update that was issued last year, a popular Google Play app turned into a malware-laced application that was capable of affecting almost 10 million Android devices.

The Android app—Lavabird Ltd's Barcode Scanner—has been available on Play Store for years. The app had 10 million instals and included a QR code reader, as well as a barcode generator.

From Trustworthy to Malicious

Malwarebytes
Malwarebytes

The app looked like legitimate which led millions of users to install it without facing any issues. But Malwarebytes recently revealed that some users have complained about unexpected appearance of adverts on their Android devices.

Usually, this issue appears when users install new app which includes malware or adware. But in the case of the Barcode Scanner, users said they did not install anything recently.

After investigating the issue, researchers found that the culprit is the Barcode Scanner, more specifically an update which was issued in early December, 2020.

The update changed the functions of the previously trustworthy app to push ads without warning. Malwarebytes said that Ad SDKs can come from third-party companies and it can also provide a source of revenue for the app developer—which is a win-win situation for everyone.

"Users get a free app, while the app developers and the ad SDK developers get paid. But every once in a while, an Ad SDK company can change something on their end and ads can start getting a bit aggressive," the cybersecurity company added.

The researchers found that the malicious code was pushed with the December update and was hidden to avoid identification.

google play store
Google Play

However, when Malwarebytes detected the issue with Barcode Scanner app, the security company informed Google. Later, the app was removed from the Play Store. Even though the Barcode Scanner is not available on Google's app store, the users who installed the malicious application earlier, should deleted it from the mobile manually.

"Unless Google Play Protect removes it after the fact, it remains on the device. This is exactly what users are experiencing with Barcode Scanner. Thus, until they install a malware scanner like Malwarebytes for Android, or manually remove the app, it will continue to display ads," explained the security company.

Related topics : Cybersecurity
READ MORE