China Considers New Rules to Limit Purchases of Foreign AI Chips Amid Growing Demand 
Nvidia Denies Upfront Payment Requirement for H200 AI Chips Amid China Export Scrutiny 
TSMC Shares Hit Record High as AI Chip Demand Fuels Strong Q4 Earnings 
Publishers Seek to Join Lawsuit Against Google Over Alleged AI Copyright Infringement 
Taiwan Issues Arrest Warrant for OnePlus CEO Over Alleged Illegal Recruitment Activities 
Anthropic Appoints Former Microsoft Executive Irina Ghose to Lead India Expansion 
Trump Pushes Tech Giants to Absorb AI Data Center Power Costs, Citing Microsoft Changes 
Micron to Buy Powerchip Fab for $1.8 Billion, Shares Surge Nearly 10% 
SK Hynix to Invest $13 Billion in Advanced Chip Packaging Plant as AI Memory Demand Surges 
xAI Restricts Grok Image Editing After Sexualized AI Images Trigger Global Scrutiny 
Starlink Internet Remains Active in Iran Despite Nationwide Blackout 
South Korea Sees Limited Impact From New U.S. Tariffs on Advanced AI Chips 
Google Seeks Delay on Data-Sharing Order as It Appeals Landmark Antitrust Ruling 
U.S. Lawmakers Raise Alarm Over Trump Approval of Nvidia AI Chip Sales to China 
Microsoft Strikes Landmark Soil Carbon Credit Deal With Indigo Carbon to Boost Carbon-Negative Goal 
TikTok Expands AI Age-Detection Technology Across Europe Amid Rising Regulatory Pressure 
South Korea Seeks Favorable U.S. Tariff Terms on Memory Chip Imports 
Smartphone users are usually less suspicious of mobile apps that have millions of installs. Unfortunately, it was recently discovered that a very popular barcode scanning app with more than 10 million downloads eventually became malware.
Popular Barcode Scanner app becomes a malware
The app in question, simply named Barcode Scanner, was reportedly available on the Google Play Store for years. Some users have had it installed on their devices for a long time as well.
In a post on Malwarebytes blog, mobile malware researcher Nathan Collier reported that app users started to sound the alarm around December when ads frequently showed up “out of nowhere” through their default browser.
One Malwarebytes forums member named Anon00 eventually narrowed down the problem to a Barcode Scanner app. Upon further analysis, Collier reported that it appeared the app had been safe to use until after an update released sometime in December.
In-app ads have become very common over the years, especially with apps that are free to use. As the post explained, developers typically use an ads software development toolkit (SDK). When a mobile app eventually enforces over-the-top advertising activities, the change is usually applied through the SDK and not on the app’s code. But Malwarebytes reported this was not the case with the Barcode Scanner.
Last December, the said update is believed to have added a code that made the app into “a full on malware.” Collier reported, “Furthermore, the added code used heavy obfuscation to avoid detection.” The malware evaded the security measures of Google Play Protect, and it was not clear how long the app was able to remain undetected since it went rogue.
In a 50-second video demonstrating the replication of the malware execution, it appears that the intrusive ads show up unprompted. “This is different from web redirects that occur while actively browsing the web,” the security researcher added.
Android users confuse malware-infused app with another popular ‘Barcode Scanner’
Unfortunately, the blog post did not initially include a link to the malware-infected app. Many apps are simply named “Barcode Scanner” on the Google Play Store, and Android users thought the one developed by ZXing Team with more than 100 million installs was the malicious app being reported.
To clarify, ZXing Team’s product is a different app, and there is no report to suggest that it is not safe to use. The malware-infected app was developed by LAVABIRD LTD and used to be located in this link. It has been removed from the Google Play Store, but LAVABIRD LTD has four active apps on the Play Store as of this writing.
Featured photo by mohamed_hassan on Pixabay
