[tusharpandey13]

Beware, the play store version shows full screen ads, auto redirects and needs contacts permissions.

[riphdd2020]

Is there any proof for this, apart from those bad reviews? The blog mentions another (now removed app) with the package name com.qrcodescanner.barcodescanner, not the open source one at https://play.google.com/store/apps/details?id=com.google.zxi...

I believe these bad reviews might be a result of the malware app pushing bad reviews to the zxing app page on google play, using an in app 'rate this app?' -> low rating -> send to the zxing app in Google Play (instead of the malware app in google play).

[Rooster61]

As noted above, I believe this to be the case. I had the other app and started receiving full page ads for it. Totally different developer, but same app name. I am no longer able to find that app in the play store.

[simonmales]

Ah, looks like mine installation is actually from FDroid, and never realised.

[rjmunro]

I've installed from Google Play, and never seen any ads. It has contacts permission, but that's because sharing contacts with a QR code is something I use it for frequently (it can generate codes as well as scan them).