Malware continues to evolve. The recent discovery surrounding the Barcode Scanner app confirms this. This popular barcode scanner app is infecting Android devices with malware. This after its latest update.
The malware that circumvented Google’s security.
According to Malwarebytes security researchers, Barcode Scanner was a harmless app until December 2020. Apparently around this time the barcode and QR code scanner app received an update. This update added a malicious code that was not present in previous versions. In corroboration, Nathan Collier, mobile malware researcher, Malwarebytes said, “In the case of Barcode Scanner, malicious code was added that was not in previous versions of the app. In addition, the added code used extensive obfuscation to avoid detection.”
The app has more than 10 million downloads from the Google Play Store. The same was removed from the store. However, Google’s Play Protect service did not notice it. This because the app used a lot of obfuscation to bypass the security review. Thus it got the signature of the same digital certificate used in previous versions. Which meant it came from the same developer LavaBird LTD. This contributed to Play Protect not detecting and removing it earlier.
What to do if this malware attacks my device
Once installed the updated application fills users with adware. In addition, it automatically redirects to suspicious websites without user interaction.
In this regard, Malwarebytes claims that Google was privately notified and has removed the app from the Play Store. However, so far Google has not yet used its Play Protect tool to notify users that they still have this malware installed on their phones. Therefore, users should act on their own and remove the app from their phones quickly.
In case you have any barcode scanner app with suspicious behavior installed on your phone do the following: go to the app’s settings. Once there corroborate the app’s package name. If the application has the package name com.qrcodescanner.barcodescanner, uninstall it immediately.
Checkout best antimalware software.