Barcode Scanner Android app pushed malware to millions of phones


Photo: Tomohiro Ohsumi (Getty Images)

A popular app was removed from Google Play after it was discovered that it delivered Trojan malware to millions of users' phones via an update.

Until recently, Barcode Scanner was a simple program that provided users with a basic QR code reader and a barcode generator, useful for things like making purchases and redeeming discounts. The app, which has been around since at least 2017, is owned by developer Lavabird Ltd. and claims to have more than 10 million downloads, the Wayback Machine shows.

However, malicious activity was recently traced back to the app. Users noticed something strange going on with their phones: their default browsers kept being hijacked and redirected to random ads, seemingly out of nowhere. For some people, it was not clear what caused the disruption, because many had not downloaded any programs recently. After enough victims wrote about their experiences on a web forum, one user finally pointed the finger at Barcode.

Malwarebytes researchers have confirmed that the scanner is the culprit, and a new report shows it delivered the ad-producing malware to users' phones, most likely via a December update. The update corrupted the previously benign app, taking it from 'an innocent scanner to malicious programs', researchers write.


Screenshot: Lucas Ropek: Wayback Machine / Google Play

Researchers distinguish Barcode Scanner's ad-pushing malware from basic ad SDKs (programs used by publishers to run in-app advertising for monetization purposes), saying that "this was not the case" with Barcode Scanner. Whoever injected the malicious code used heavy obfuscation to hide the fact that it was there, researchers say, adding that the app was apparently deliberately changed from a normal app into a malicious one via the update. They write:

It’s scary that an app with one update can get malicious while going under the radar of Google Play Protect. It’s surprising to me that an app developer with a popular app can turn it into malware. Was it always the plan to let an app rest and wait to strike after it became popular? I think we will never know.

While Google has pulled Barcode Scanner from its app store, the app has not been removed from affected devices. Users of the app will still have to manually remove it from their phones.

The owner of Barcode Scanner, Lavabird Ltd., was established in 2020 and is registered at an address in London, according to available online records. The company’s director, Dmytro Kizema, lives in Ukraine.

Gizmodo has reached out to Lavabird and will update this story when we hear back.
