Pangolin Store

CamScanner's malware shows why you need to be vigilant online

CamScanner's malware shows why you need to be vigilant online

A screenshot of the CamScanner homepage taken on August 28, 2019.

An app like CamScanner could have been held as an example of why technology makes life easier.

The premise of the app is great. It’s supposed to help you scan documents with your phone, share them, enhance image quality, and even extract text through something called optical character recognition.

It’s an app that is useful for students, office workers, and just about anybody else.

Unfortunately, a recent report by Kaspersky Lab has turned CamScanner into cautionary tale about why you must always stay vigilant when it comes to privacy and security on the internet.

The app included an ad library that included a malicious dropper component. Upon further study, Golovin and Kivva identified this component as something called Trojan-Dropper.AndroidOS.Necro.n.

According to researchers Igor Golovin and Anton Kivva, this malware’s main purpose is “to download and launch a payload from malicious servers. As a result, the owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions.”

That’s right, unscrupulous people could send you content that you didn’t want to see, and even steal your money.


While the majority of apps on the Google Play store are not infected with any malware, it is concerning that something with over 100 million downloads could still be infected with malware.

Even worse, people had been leaving negative reviews about the app that hinted at strange or unexpected features. This is something that was noted by Golovin and Kivva, and perhaps something that should have been investigated by Google.

Remember, you must be at the forefront of your own digital security. You’ve got to take responsibility of the safety of your information and use the right tools to insulate yourself from cybercriminals. The CamScanner case is a perfect example of how companies like Google can still miss out on something dangerous being spread throughout their digital distribution centers.

Here are a few other blog posts that will teach you to protect yourself online:

Join the Pangolin Community

Sign up to get notified about our latest blog posts, and get updates about Pangolin!