IF YOU'RE DOWNLOADING A PDF TODAY, and do it with a particular Android PDF maker, then you're in for a big surprise.
That's because Kaspersky security researchers Igor Golovin and Anton Kivva claim that CamScanner, a popular Android PDF app, is quietly downloading malware onto a user's phone.
"The owners of the module can use an infected device to their benefit in any way they see fit, from showing the victim intrusive advertising to stealing money from their mobile account by charging paid subscriptions," the researchers said.
The security smart folks note that the app itself doesn't appear to be a malicious one, but rather it contains a trojan that gathers spyware and other malware from a malicious server and then runs in on a victim's phone. This trojan, dubbed Necro.n appears to have been sneaked into the app through the use of a legit-looking advertising library package.
As such, the developers of the app, which has received some 100 million downloads, might not even realise their software is causing their users a malware headache.
Google was alerted to the security breach but the Kaspersky researchers and it subsequently yanked the app from the Play Store.
The app now appears back on the Play Store, with Kaspersky noting that it looks like the app developers managed to purge the malicious code from their software with the latest update of CamScanner.
But the security gurus offered a warning all the same: "Keep in mind, though, that versions of the app vary for different devices, and some of them may still contain malicious code."
Given this whole attack vector popped out of a legit and popular app, it shows how difficult it can be to keep the cyber nasties at bay.
Not to sound too much like a security software firm, but we'd recommend an Android antivirus and also adding a bit of extra diligence to checking apps and what their users are saying about them before tapping the download button. µ
Put a Ring-Con on it
We know. We're as surprised as you are
It's available across all major UK networks