Google Play Nov 2020 JoeSource: Joe Maring / Android Central

What you need to know

  • A popular barcode scanning app was taken off the Play Store after it was found to contain malware.
  • Barcode Scanner reportedly did not include the malware until a recent update on December 4th, 2020.
  • The app was apparently available through Google Play Pass and had over 10 million installs.

Google has gotten pretty good at spotting malware on its app store, which features a built-in security suite called Play Protect that can notify you of suspicious or unknown apps. Even on the Chrome Web Store, Google was able to take down a popular extension due to malware that was injected into the code following an update. Unfortunately, this sort of thing can happen more than we realize, and some apps can slip through the cracks, leading to the recent takedown of a popular Play Store app for this very reason.

Barcode Scanner AppSource: Malwarebytes

Barcode Scanner, which was developed by app publisher LavaBird LTD, was a simple Play Store app that allowed users to scan barcodes and QR codes. The description claimed that the app was "Free, fast, secure, easy," but at least one of those claims turned out to be a lie, at least after a recent update. It was discovered by Malwarebytes that the app was recently updated to include an "Android/Trojan.HiddenAds.AdQR" code that would take users to a third-party ad site on the device's default browser.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

It was likely a ploy to gain ad revenue by pushing them on users in a malicious way, especially considering the app included code to try and conceal itself. Fortunately, the app has been discovered and removed from the Play Store. Unfortunately, it has already been installed by more than 10 million devices and was reportedly part of Google Play Pass, which means that millions of smartphones could be subject to malware from this app.

It should be noted that the app didn't really do much that most, if not all, of the best cheap Android phones could do with their built-in camera applications, so having an app like this on your smartphone is largely redundant. And legitimate apps like Google Lens can always pick up the slack for whatever your phone can't already do.