Popular barcode scanner app turned into malware overnight, infecting millions of Android phones with a Trojan

A popular Android app has been urgently removed from Google Play after an update caused it to spread Trojan malware, infecting millions of users' phones.
Until recently, Barcode Scanner was an easy-to-use app that provided users with a basic QR code reader and barcode generator. The app is especially useful for shopping and redeeming discounts. According to data from the Wayback Machine, the app was launched in 2017, is owned by the developer Lavabird Ltd, and claims more than 10 million downloads.
But recently the app triggered a series of malicious activities. Users began to notice something strange happening on their phones: their default browser was constantly being hijacked and redirected to random advertisement pages that seemed to come out of thin air. Many of them did not know what was causing the interruptions, because they had not downloaded any new apps recently. After many angry victims wrote about their experiences on online forums, one user eventually pointed the finger at the barcode scanner.
Researchers at Malwarebytes, a security software company, have confirmed that the scanner is the culprit. They issued a new report stating that the scanner may have been updated in December and that malware built specifically to serve advertisements was implanted on users' phones. The researcher wrote that this update disrupted the previously normal app, "turning it from a malicious scanner to a completely uncompromising malware."
Why a popular app was turned into malware raises doubts
The researchers specifically distinguished the barcode app's advertising malware from ordinary advertising SDKs (software development kits that publishers use to show in-app advertisements for profit), and claimed that "This is not the case with Barcode Scanner." They say that whoever implanted the malicious code applied enhanced obfuscation to conceal its existence. They also added that the app seems to have been deliberately updated to turn an otherwise normal app into a malicious one.

The frightening thing is that, through a single update, apps that are clearly protected by the Google Play Protect security mechanism can be turned into malicious programs. What puzzles me is that app developers turn popular apps into malware. Is this a conspiracy planned from the beginning, to let the app lie dormant first and wait until it becomes popular before launching a raid? I think we will never know the truth.
Although Google has withdrawn Barcode Scanner from the app store, the app still exists on infected mobile devices. Therefore, users must manually uninstall the app.
- Barcode-Scanning App for Android Pushed Malware Onto Millions of Phones