CamScanner, the app in question, is a PDF creator app that boasted more than 100 million installations via Google Play. Per a CNN report Thursday, however, the Android version of the app has been determined to have been "injected with malware" from an advertiser that boasted the potential for intrusive advertising methods for users. The iOS edition is not affected by this discovery.
In a statement addressed to 'dear CamScanner Android users," the app's developers said they had recently detected that the ad SDK provided by AdHub contained a "malicious module." The team also said legal action was being pursued.
"Injection of any suspicious codes violates the CamScanner Security Policy!" the CamScanner team said. "We will take immediate legal actions against Adhub! Fortunately, after rounds of security check, we have not found any evidence showing the module could cause any leak of document data."
An updated edition of the Android app for Google Play is now being worked on, with CamScanner offering a direct link for users to download the latest version on Wednesday.