Unfortunately, cyber attacks continue to increase. And Android is one of its main objectives. The latest example? An application available on Google Play has been recording your conversations for more than a year.
As reported from a ArsTechnica post in which they indicate that the Android recording application called iRecorder Screen Recorder has been recording our conversations without permission for some time.
Immediately delete iRecorder Screen Recorder from your phone
The worst of all, The thing is that the app was working as a screen recorder for a year, without any type of malware. In this way, since its launch in September 2021 it has behaved like a normal app.
The problem is that, After being updated in August 2022, it began recording one minute of audio every 15 minutes and forwarding those recordings, via an encrypted link, to the developer’s server.
All this information has been documented by Essential Security Against Evolving Threats (ESET) researcher, Lukas Stefanko, because it is a pretty serious topic. In this way, the developer has had access to all user conversations.
In this publication they point out that malicious code was added in the 2022 update “based on the open source AhMyth Android RAT (Remote Access Trojan).
And taking into account that accumulated more than 50,000 downloads before being removed from Google Play, You must take extreme precautions. Furthermore, they make it clear that we are completely vulnerable to attacks of all kinds.
This developer’s idea is very good, although it is a crime. Launch the app without malicious code so that it passes Google Play controls. Then, wait a reasonable amount of time for it to accumulate downloads, and end up launching an update with malicious code.
In this case, We are not clear if the developer was the one who added this malicious code, or if he sold the app on the Dark Web to computer attackers so that they corrupt the iRecorder Screen Recorder application.
But what is clear is that we will not be able to easily eliminate this problem of apps that are updated with malicious code. And we greatly fear that The best thing you can do is only use applications from reputable developers. And if you can avoid them and use native solutions on your phone, all the better.