I hope this is not too off-topic, but I can't be the only one here who thought 'I don't remember any distro called Linux Logo...' before clicking and seeing my mistake. Cute nostalgia either way.
I believe these bad reviews might be a result of the malware app pushing bad reviews to the zxing app page on google play, using an in app 'rate this app?' -> low rating -> send to the zxing app in Google Play (instead of the malware app in google play).
As noted above, I believe this to be the case. I had the other app and started receiving full page ads for it. Totally different developer, but same app name. I am no longer able to find that app in the play store.
I think those bad reviews on https://play.google.com/store/apps/details?id=com.google.zxi... are because the malware probably used the zxing qr library, and there might be traces left in it, or these users are just confused (or the malware app deliberately pointed low star reviewers to the github competitor app in the play store). As others have stated, this github app with the bad reviews hasn't been updated for a long time.
Hang on a second, something is fishy here. I had an issue that the mirrors what was happening on the zxing reviews. I was getting a full page ad every 15 minutes or so after unlocking my phone.
The rub? It wasn't this app. It was another one that was also called barcode scanner. It was also beginning to garner negative reviews, which the developer (had a Ukranian email address) had begun responding to saying the app was perfectly legal because it was serving ads only inside the app itself.
I'm wondering if that deluge of bad reviews is directed at the wrong app? I'll look to see if I can still find the google play page for the one I had.
Also, I had that app for a LONG time before it started displaying this kind of behavior just last month, which also corresponds to the bad reviews starting on the zxing app.
I had this app too, and I remember thinking it was weird because I think an official google developer blog (or something like that) mentioned the need to install it, as there was no built in QR code reader at the time. I can't remember which old phone I had it on though.
I also think those reviews might be left by people who can't find the original offending app because it's been removed. https://www.apkshub.com/app/com.qrcodescanner.barcodescanner seems to show it had BILLING permission though, which is always an alarm bell.
The one on apkshub is the one mentioned in the blog. Google has removed it from google play. https://play.google.com/store/apps/details?id=com.google.zxi... is a completely different, open source app, with unexplained bad reviews, probably nothing to do with the malware, and hasn't been removed by google.