Vulnerable Components: CamScanner

CamScanner is a highly popular mobile application used to convert images to PDF files. A recent investigation into this app by Kaspersky Labs has uncovered a vulnerable component used by the application, designed to carry out malicious activity on the devices of users who have the vulnerable version of CamScanner installed.

It is common for us to trust applications that we download from popular app stores such as the Apple App Store and Google Play, and most of the time we are safe in doing so. However, the sheer quantity of applications available on these platforms makes it impossible for them all to be moderated sufficiently, especially when many of these applications are updated on a regular basis. CamScanner’s recent incident is a perfect example of how malicious content can make its way onto our trusted app stores.

By design, CamScanner was not intended to be malicious. However, as is the case with many applications and services, the developing companies use ads to earn revenue in return for offering their apps and services free of charge. The issue here is that these advertisements are often sourced via third-party components and, if these are compromised, they can open vulnerabilities in legitimate applications, as was the case with CamScanner.

In CamScanner’s case, the third-party advertisement component in use received an update to its advertising library that contained a malicious module, which was clearly overlooked by all parties. The purpose of this module was to install malware onto the user’s device.

Google removed the vulnerable app from the Play Store immediately, and the app now appears to be patched with the vulnerable component removed. If you are one of the many users of CamScanner, it is essential that you download the latest version of the application immediately!