‘When Good Apps Get Bad’ is currently the name of the digital game. The Great Jarretel a browser extension recently showed its true colors, and it is now the longtime Android favorite “Barcode Scanner” application, despite the more than 10 million installations, to use it at purgatory.
Our usual advice applies, with one important caveat: if you have Barcode Scanner installed on your Android device and Google has not already uninstalled the app on your behalf, it is just as well to get rid of it anytime soon. However, make sure you get rid of the right one. Malwarebytes’ recent report describes the Barcode Scanner app of Lavabird:
“… in the case of Barcode Scanner, malicious code was added that was not in previous versions of the app. Furthermore, the added code used heavy embezzlement to prevent detection. To verify that it comes from the same app developer, we confirmed that it was signed by the same digital certificate as previous clean versions. Due to malicious intent, we jumped over to our original Adware detection category directly to Trojan, with Android / Trojan.HiddenAds.AdQR detection. ”
There is another Barcode Scanner app from ZXing, it does not come with malware (as of this writing). This is probably the Barcode Scanner app you are thinking of, as it is virtually available for Android as long as the operating system exists. It’s good to use, though it’s becoming review-bombed to hell because people assume it’s the malware app of the same name. Sigh.
How can you see what is which? If you do not know the app icon, you can always go up Settings> Applications & Notifications> View All … Applications> Barcode Scannerand then tap Advanced> App Details, which you need to take to the list in the Google Play Store. (The steps for your specific Android device may differ slightly). If the list of Google Play Store does not exist, you have the bad Barcode Scanner app and you need to remove it immediately.
G / O Media can get a commission
And if you’re wondering if there’s anything you could do about the Barcode Scanner app with malware? Not really. If an app has built up an established presence in the Google Play Store, provides a useful service, and has not been a problem for years, there is nothing you can do to dismiss the developer intention to exploit all the benevolence for ominous means.
Of course, you notice that something is strange when your device starts to act – a browser is launched in this case without any interaction on your part – but it will be difficult to determine what is causing the problem. Generally, you want to see which of your apps have been recently updated and start digging, but it’s also possible that an app that was updated months ago is just causing some sort of malware mechanism or other malicious practice (hoping it will not be caught).
It probably won’t hurt to install an app like this Malwarebytes’ anti-malware and run it from time to time; it can at least warn you if apps on your device are newly suspicious. You do not even have to requires the premium version of the app: Regular free scans should be fine (along with the app’s privacy audit feature). You can aAlso consider Sophos Intercept X, the ad-filled Avast Antivirus, and many others.
While I feel it is rare situation to have an app goes like this rogue, and probably one that does not run a real-time scanner on your device, it never hurts to have some such tools that sit when your phone starts doing something strange. If it does happen, do a little scanning, check for recently updated programs, and run them some custom web searches to see if you can identify them the issue. Chances are good that if your phone is behaving rattle, there is an app to blame.