Cybersecurity experts have warned Android users about an application on Google Play Store, which has reportedly affected 10 million devices. At the end of last year, cybersecurity experts at MalwareBytes began receiving reports about the Barcode Scanner app from LAVABIRD LTD, which has been downloaded more than 10 million times.
And users who downloaded the app reported that ads were suddenly opening from the default browser on their Android device. MalwareBytes received a notification that the offending perpetrator was the “Barcode Scanner Android” app. The application was removed from the Google Play Store, after MalwareBytes notified LAVABIRD LTD.
It was discovered that the application, which appeared to be harmless for years, had turned into another “full of malware” after the update.
MalwareBytes experts revealed the threat in an online post: “In the case of Barcode Scanner, malicious code was added that was not present in previous versions of the app. Moreover, the added code used extreme opacity to avoid detection.” In their study, they also shared a short video clip showing the suspicious code in action. Users are informed that the new update of the application activates unwanted ads in the browser from nothing, and the browser heads to a spam page with an annoying advertisement trying to get the target user to download an application.
If you downloaded “Barcode Scanner” previously, “MalwareBytes” recommends removing the application manually. Instead, if you have a malware scanner on your Android phone, it should be able to detect the threat.
“It’s difficult to tell how long Barcode Scanner spent in the Google Play Store as a legitimate app before it became malicious,” MalwareBytes added. “Based on the large number of installs and user comments, we suspect it has been around for years. It’s scary that with One update could turn an app into malicious while it’s under the “Google Play Protect” radar. The app developer who owns a popular app will convert it into malware. Was that the way to go all the time? The app is idle, waiting for a strike after it arrives To the popular? I guess we’ll never know. “