“When good apps go wrong” seems to be the name of the digital game today. The great hanger The browser extension recently showed its true colors, and now joining it in the malware purgatory is Android’s favorite application “Barcode Scanner” – despite its more than 10 million installations.
Our usual advice applies, with one important caveat: if you installed Barcode Scanner on your Android device and Google has not yet removed the app on your behalf, now is a good time to get rid of it. However, make sure you are eliminating the correct one. Malwarebytes’ recent report describes the Barcode Scanner application of Lavabird:
“… in the case of Barcode Scanner, malicious code was added that was not in previous versions of the application. In addition, the added code used heavy obfuscation to avoid detection. To verify that it is from the same application developer, we confirm that it was signed by the same digital certificate as the previous clean versions. Because of its malicious intent, we skipped our original category of Adware detection straight into the Trojan, with the detection of Android / Trojan.HiddenAds.AdQR. “
There is another Barcode Scanner application, ZXing, which does not come with malware (at the time of writing). It’s probably the Barcode Scanner app you’re thinking about, since it’s been available for Android practically since the operating system existed. It’s good to use, although it’s getting bombed review to hell because people assume it’s the malware app with the same name. Sigh.
How can you check which is which? If you can’t tell by the app’s icon, you can always pull up Settings> Apps & notifications> See all … apps> Barcode readerand then tap Advanced> Application details, which should take you to the list on the Google Play Store. (The steps for your specific Android device may differ slightly). If the Google Play Store listing does not exist, you have an invalid Barcode Scanner app and should remove it now.
G / O Media can receive a commission
What if you’re wondering if there’s anything you could have done about the malware-filled Barcode Scanner app? Not really. If an app has built an established presence on the Google Play Store, offers a useful service and has not been an issue for so many years that it exists, there is nothing that will inform you about a developer intention to take advantage of all that goodwill by harmful means.
Of course, you will notice that something is strange when your device starts up – a browser being launched without any interaction on your part, in this case – but it will be difficult to identify what is causing this problem. Generally speaking, you will want to see which of your apps have been updated recently and start searching, but it is also possible that an app updated a few months ago is triggering some kind of malware engine or other dubious practice (with the hope that it won’t get caught) ).
It probably wouldn’t hurt to install an app like Malwarebytes Anti-Malware and run it from time to time; this can at least alert you if the apps on your device are acting suspiciously. You don’t even need the premium version of the app: Regular free checks should work (along with the app’s privacy audit feature). You can onealso consider Sophos Intercept X, the full of advertising Avast Antivirus, and many others.
Although I feel it is rare situation of having a rogue application like this, and probably one that doesn’t guarantee a real-time scanner running on your device, it never hurts to have some of these tools out there, in case your phone starts doing something weird. If that happen, do a check, check which apps have been updated recently and conduct some web searches of your own to see if you can identify the problem. Chances are good that if your phone is looking like spam, it’s an app’s fault.