Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

A PDF scanner downloaded by 100 million Android users contained malware

A very popular Android app called CamScanner, which lets you take photos of documents and turn them into PDFs, has been found to be housing malware. 

CamScanner has been downloaded more than 100 million times by Android users – which is pretty alarming. The malware wasn’t built-in as part of the app, but rather the third-party code used to deliver ads.

Related: Best photo editing apps

Igor Golovin and Anton Kivva of Kaspersky discovered the malware, becoming aware of the problem after noticing that the CamScanner app had been downloaded more than 100 million times, but also had a lot of negative reviews about unwanted content.

The advertising library within the CamScanner app contains the malicious component − a Trojan referred to as Necro.n. 

The pair believes the malware was included due to the app having a partnership with a nefarious advertiser. 

After the discovery was made, CamScanner was reported to Google. The app has now been removed from the Google Play Store.

Necro.n does not actually perform any malicious functions itself but – rather – provides a gateway for bad actors to install modules that could carry out a range of unwanted activities.vThe module could allow for intrusive advertising or the potential to steal money from the Google Play account of the affected device.

If you have the free version of the CamScanner app, you should delete it immediately.

An updated, clean version of the paid-for CamScanner app has reportedly now been released.

Related: Best free VPN

Trusted Reviews has contacted CamScanner for a comment. This article will be updated if we receive a response.

A concerning piece of malware was in the news last week too. On that occasion, the malware was disguised as popular VPN software NordVPN. The malware was a trojan that  was hidden amongst VPN downloads on a website created to look like it was NordVPN’s.

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.