Malware is suddenly loaded into a barcode reader app that has been downloaded more than 10 million times

A situation occurred in which malware was suddenly loaded into the barcode reader application 'Barcode Scanner', which boasted more than 10 million downloads on Google Play. This situation is believed to have occurred since the app update in December 2020, and this app was removed from Google Play at the time of writing the article.

Barcode Scanner app on Google Play infects 10 million users with one update --Malwarebytes Labs | Malwarebytes Labs

https://blog.malwarebytes.com/android/2021/02/barcode-scanner-app-on-google-play-infects-10-million-users-with-one-update/

According to a survey by the security software developer Malwarebytes, it was found that the Trojan horse- type malware was loaded into the Android application 'Barcode Scanner' distributed by 'LAVABIRD LTD'. From around the end of December 2020, many users have said on the forum that 'the browser will open and the advertisement will be displayed without permission', and Malwarebytes said 'Malware via the advertisement SDK with the update on December 4, 2020.' Was prepared. '

Codes for displaying in-app ads are developed and provided by various companies. Malwarebytes confirmed that the Barcode Scanner contains malicious code after the December 4, 2020 update. This code is highly encrypted to evade the detection of anti-virus software, so that it will not only display advertisements originally set by this code, but also access specific sites without permission. It was.

As of February 5, 2021, Barcode Scanner has been removed from Google Play, but it is not uninstalled by the user's device that installed this app, so users will decide and deal with it on their own. is needed. 'It's scary to turn an app that was once used by tens of thousands of people as a legitimate app into a malicious app with just one update,' Malwarebytes concludes.