malicious Android app: hack millions of devices from the one-click update

In the latest update of the famous barcode scanner app on the Google Play Store, it turns out to be a malware hacker who hacked up to 10 million devices.

Barcode scanner of lavabird ltd, known and present for several years on the Google Play Store and the number of downloads reaching up to 10 million, features a fast reader and also enables you to generate barcodes, a very useful program especially for mobile devices
The application has great confidence and credibility, as there are millions of users working in it for years without any problems to remember, until the last update of the application that downloaded malicious programs

According to what Malwarebytes mentioned, there are many complaints from users who seemed to be bothered by the appearance of several ads on Android devices, mostly the annoying programs and advertisements may be from another malicious program downloaded from external sources, but the users confirmed that they did not install any other programs or applications
After carrying out several investigations by researchers, they reached the conclusion that the barcode scanner application is the first cause of these ads and malware.

As the latest update of the application, which was launched on December 4, 2020, changed a lot of the settings and functions of the application,
such as making the ads appear without prior warning, it is mentioned that most application developers launch free programs while containing ads and this is in support of them and keeping the program free,
unlike paid programs, most of them do not contain advertisements, but recently some paid applications have resorted to programs and advertisements

As Malwarebytes said, the developers use advertising tools that may be from external sources, where users keep the application free, and on the other hand, the developers earn some money for that, but these ads may cross the limits and become a bit aggressive
As for the aggressive ads that appear in the barcode scanner application, most researchers say that malicious software and code were included in the last update in December, and they were hidden with a skill that made detection difficult.
And that the latest update of the application obtained the security certificate, which made the application completely clean

The company Malwarebytes delivered a report to Google and the other withdrew the application from the Google Play Store. As for users who downloaded the application, they must remove it quickly manually.
To evade Google play protection, attackers use only one method, which is to convert a clean smear from the application's SDK package and inject it with malicious and malicious programs,
Whereas in 2019, Android apps were found injected with the Anubis banking trojan, as it spreads when the user moves his phone. This method is also monitored by the trend micro by checking the motion sensor

It is also mentioned that ZDNet has contacted the program’s developers and will inform us of the latest updates and changes to the program

read more :


No comments