{"id":17937,"date":"2018-05-16T08:00:47","date_gmt":"2018-05-16T12:00:47","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=17937"},"modified":"2022-04-27T15:24:24","modified_gmt":"2022-04-27T19:24:24","slug":"malware-hidden-in-qr-reader-apps-infects-android-devices","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/malware-hidden-in-qr-reader-apps-infects-android-devices\/","title":{"rendered":"Malware Hidden in QR-Reader Apps Infects Android Devices"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Malware hiding within apps is nothing new to the industry, but the latest occurrence has a focus on QR-Code readers &#8211; and worst of all, the malware itself is smart. This begs the question, how do you prevent your phone from being a casualty? <\/span><\/p>\n<p><span style=\"font-weight: 400;\">One way to ward off malicious apps is to download a third-party security app such as <a href=\"https:\/\/app.appsflyer.com\/com.psafe.msuite?pid=MKT_BLOG_US&amp;c=malware_qrreader_apps_android%20\" target=\"_blank\" rel=\"noopener\">dfndr security<\/a>, which includes a <\/span><span style=\"font-weight: 400;\">full-virus scan feature<\/span><span style=\"font-weight: 400;\">. A scan of your Android device will do a deep dive into your files and even your SD card. Worried that you might forget to scan your phone regularly? Not a problem, just use scheduled scans which can run while you\u2019re asleep. <\/span><\/p>\n<p><b>Read More: <\/b><a href=\"https:\/\/www.psafe.com\/en\/blog\/safe-download-apps-outside-google-play\/\"><b>Is it Safe to Download Apps Outside of Google Play?<\/b><\/a><\/p>\n<p><span style=\"font-weight: 400;\">In this latest case of infected apps, a piece of malware known as \u2018Andr\/HiddnAd-AJ\u2019 (try to say that ten times fast) was able to load itself onto a number of apps designed to read QR-Codes. Apps infested with the malware included: QR Code \/ Barcode Reader, QR Code Free Scanner, and QR &amp; Barcode Scanner. There were a total of seven apps infected, and the malicious apps were downloaded over 500,000 times before being pulled by the Google Play Store.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We know how hard it can be to avoid malware in a world filled with it, but here are a few tips to get you started on a safer journey through the endless world of Android apps.<\/span><\/p>\n<p><b>Download Only Official Sources<br \/>\n<\/b><span style=\"font-weight: 400;\">We\u2019re aware that this point may appear moot as we noted that the infected apps came from the official Google Play Store, but even though an <\/span><a href=\"https:\/\/www.wired.com\/story\/google-play-store-malware\/\"><span style=\"font-weight: 400;\">official source may not be 100% clean<\/span><\/a><span style=\"font-weight: 400;\">, it\u2019s still much safer than downloading an app elsewhere. Despite missing the occasional piece of malware, Google has quite a positive record of keeping their ecosystem clean from the mess.<\/span><\/p>\n<p><b>Avoid Apps From the Web<br \/>\n<\/b><span style=\"font-weight: 400;\">As you can infer from our last comment, you\u2019re best to avoid downloading apps directly from the Internet or\u00a0something you found on social media. These apps are more likely to be infected with dangerous malware and are typically prefaced with a request to turn off a security feature to allow app installations from \u2018unofficial sources.&#8217; Take this as an immediate red flag and don\u2019t download.<\/span><\/p>\n<p><b>Watch Those Permissions<br \/>\n<\/b><span style=\"font-weight: 400;\">Once you\u2019ve downloaded an app from an official source such as Google Play or Amazon App Store, try to remain aware. Legitimate apps ask for permissions to<\/span><a href=\"https:\/\/www.psafe.com\/en\/blog\/guide-controlling-permissions-android\/\"><span style=\"font-weight: 400;\"> access certain parts of your system<\/span><\/a><span style=\"font-weight: 400;\">. In some circumstances, this is normal but use your best judgment. A new email app would request access to your contacts, but why would a QR-Code reader need the same? <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>QR Code, a seeming byproduct of a postage stamp and a barcode, has been infected with malware.<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[5],"tags":[30,210,182,545,67],"class_list":["post-17937","post","type-post","status-publish","format-standard","hentry","category-security","tag-android","tag-apps","tag-malware","tag-safety","tag-smartphone"],"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17937","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=17937"}],"version-history":[{"count":7,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17937\/revisions"}],"predecessor-version":[{"id":18715,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17937\/revisions\/18715"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=17937"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=17937"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=17937"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}