Beware! Screen Recording App Transforms Into Trojan; Uninstall Right Away

    Author: Vikas Yadav
    Thu, 25 May 2023 08:30 PM (IST)

    CYBER security firm ESET discovered ‘iRecorder – Screen Recorder,’ an app that transformed into a trojan threat one year after its first appearance on the Google Play Store. The app has an estimated 50,000+ installs on the app market. However, the package was not infused with malicious code at the time of its debut on September 19, 2021.

    The app changed routes later. iRecorder was injected with malicious codes aiming to collect user data, likely in August last year, in version 1.3.8. As per Ars Technica, the app recorded audio every 15 minutes and shared it with the developer.

    Also Read: Malware Alert! Fleckpe-Infected Apps On Google Play Store Might Bring You Financial Losses | Details Inside

    How The Program Works?

    The purpose of the Android app was to record the screen interface based on user request, Lukas Stefanko, ESET researcher, shared in a post. However, after 11 months, the ability to remotely access the microphone and record audio was added in a subsequent update. The saved recording could be sent to the “attacker’s command and control (C&C) server” along with other sensitive files.

    The researcher installed the app on multiple devices and the commands to record a one-minute audio and share it with the C2 server remained the same every 15 minutes.

    ESET named the threat AhRat. A point worth noting is that the app was rated 4.2 in the screenshot shared by ESET. If a user had updated to the above-stated version, they would have been unintentionally subject to the AhRat exploit even without granting in-app permissions.

    The cybersecurity company, as a Google App Defense Alliance partner, shared the findings with Google. After the red flag, iRecorder was taken down from the Google Play Store. However, the app might be available on other app stores. Hence, we recommend you uninstall the app right way.

    Additionally, the report adds that “preventive” measures are already in place in devices having Android 11 thanks to App hibernation.

    Safety Measures:

    However, we recommend you keep a check on your microphone usage via the Privacy dashboard on Android. Plus, use the brand-provided app to record the screen. Lastly, in case you need an external screen recorder, download an app from a popular and trusted developer.

    Source link

    Latest articles


    Related articles