What you need to know
- A popular barcode scanning app was taken off the Play Store after it was found to contain malware.
- Barcode Scanner reportedly did not include the malware until a recent update on December 4th, 2020.
- The app was apparently available through Google Play Pass and had over 10 million installs.
Google has gotten pretty good at spotting malware on its app store, which features a built-in security suite called Play Protect that can notify you of suspicious or unknown apps. Even on the Chrome Web Store, Google was able to take down a popular extension due to malware that was injected into the code following an update. Unfortunately, this sort of thing can happen more than we realize, and some apps can slip through the cracks, leading to the recent takedown of a popular Play Store app for this very reason.
Barcode Scanner, which was developed by app publisher LavaBird LTD, was a simple Play Store app that allowed users to scan barcodes and QR codes. The description claimed that the app was "Free, fast, secure, easy," but at least one of those claims turned out to be a lie, at least after a recent update. It was discovered by Malwarebytes (opens in new tab) that the app was recently updated to include an "Android/Trojan.HiddenAds.AdQR" code that would take users to a third-party ad site on the device's default browser.
It was likely a ploy to gain ad revenue by pushing them on users in a malicious way, especially considering the app included code to try and conceal itself. Fortunately, the app has been discovered and removed from the Play Store. Unfortunately, it has already been installed by more than 10 million devices and was reportedly part of Google Play Pass, which means that millions of smartphones could be subject to malware from this app.
It should be noted that the app didn't really do much that most, if not all, of the best cheap Android phones could do with their built-in camera applications, so having an app like this on your smartphone is largely redundant. And legitimate apps like Google Lens can always pick up the slack for whatever your phone can't already do.
Derrek is a long-time Nokia and LG fanboy who loves astronomy, videography, and sci-fi movies. When he's not working, he's most likely working out or smoldering at the camera.
I had this app installed for years and it worked fine. Then a month or two ago I started getting random browser windows opening from time to time. I went uninstalling apps trying to figure out what it was. It turned out to be this one. I do wish Android had some better way to figure out what app is triggering automated actions on your device. Maybe there's some way to do it with adb or something, but my adb-fu is insufficient for that task.
This is a great (and free) alternative that I use: https://www.androidcentral.com/e?link=https%3A%2F%2Fwww.anrdoezrs.net%2F...
Until it's found to be malware
Get the best of Android Central in in your inbox, every day!
Thank you for signing up to Android Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.