Tens of millions of Android users have been urged to delete an app found to contain malicious software (malware).
Researchers from cybersecurity firm Kaspersky say recent versions of the popular app 'CamScanner' had an advertising library containing a "malicious module".
"It looks like app developers got rid of the malicious code with the latest update of CamScanner," the firm says.
"Keep in mind, though, that versions of the app vary for different devices, and some of them may still contain malicious code.
- 'Agent Smith' might be in your phone
- Fake fingerprints can probably unlock your phone - researchers
- The cyber threats to watch out for in 2019
"What we can learn from this story is that any app - even one from an official store, even one with a good reputation with millions of positive reviews and a big, loyal user base - can turn into malware overnight."
It's unclear how many devices could have been infected.
"To make sure you never find yourself in trouble, use a reliable antivirus for Android app and scan your smartphone from time to time," Kaspersky says.
In a statement, CamScanner said a new version of the app has been released.
Experts say if you're having doubts, you should delete the old version and install the new one.
"It is said the average consumer has around 40 applications on their phone they will use frequently," Matthew Hickey, spokesman for security firm Hacker House Matthew, told the BBC. "So ensure you regularly review those applications that you are not using."