Eblogtip.com
  • Categories
    • News
    • Technology
    • Domains
    • Hosting
    • Promotions

Archives

  • June 2023
  • May 2023
  • December 2022

Categories

  • News
  • Technology
  • Uncategorized
eBlogTip
  • Categories
    • News
    • Technology
    • Domains
    • Hosting
    • Promotions
  • News

This top Android screen recorder app is actually spyware, so delete now

  • May 24, 2023
Total
0
Shares
0
0
0


After almost a year of working properly and being cleanly distributed through the Play Store, a popular Android screen recording app has turned on its users, recording their calls, stealing files, and even listening in to the sounds of the device’s environment.

Cybersecurity researchers from ESET found the app, named iRecorder – Screen Recorder, which was added to the Play Store in September 2021, turned sour in August 2022. 

In the year before malicious code was apparently added, more than 50,000 people had downloaded the app, the report said. 

Unknown motives

The malware that was subsequently added is based on the open-source AhMyth Android Remote Access Trojan (RAT), but was heavily modified. ESET says whoever modified the code took their time to understand the code of both the app and the back end. ESET’s researchers dubbed the malware AhRat.

The threat actors behind the compromise are unknown, and so are their motives. But given the functionalities of AhRat, all things point to an espionage campaign, the researchers said. After all, besides the screen recording feature (which isn’t malicious), the app can record ambient audio picked up by the endpoint’s microphone, and exfiltrate files such as saved web pages, images, audio, video, document files, and more.

“The AhRat research case serves as a good example of how an initially legitimate application can transform into a malicious one, even after many months, spying on its users and compromising their privacy. While it is possible that the app developer had intended to build up a user base before compromising their Android devices through an update or that a malicious actor introduced this change in the app; so far, we have no evidence for either of these hypotheses,” ESET researcher Lukáš Štefanko said. 

In other words, there’s a slight chance the app was taken over by malicious actors and used in a supply chain attack.

The iRecorder app versions 1.3.8 and older are not malicious, it was said, but if you updated it in the meantime, chances are – you’ve been compromised. The worst part is that the victims didn’t even need to grant the app any further permissions. The app has since been removed from the Play Store.


Source link

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Previous Article
  • Technology

SoundCloud lays off 8% of staff as it aims to reach profitability this year

  • May 24, 2023
View Post
Next Article
  • Technology

DataOps.live gets $17.5M from Snowflake, others for DevOps-style tools aimed at data experts

  • May 24, 2023
View Post
You May Also Like
View Post
  • News

Beware, this WhatsApp link will instantly crash your Android phone

  • May 31, 2023
View Post
  • News

iPhone 15 screen sizes: What we’re expecting

  • May 31, 2023
View Post
  • News

Amazon to Pay $25 Million to Settle Children’s Privacy Charges

  • May 31, 2023
View Post
  • News

First-gen Chromecast owners will need to upgrade after Google terminates support

  • May 31, 2023
View Post
  • News

U.S. Will Require All New Cars to Have Automatic Braking Systems

  • May 31, 2023
View Post
  • News

AMD may be embarrassing Nvidia in the mid-range GPU market

  • May 31, 2023
View Post
  • News

This video maker’s new AI editing tool picks your best takes for you

  • May 31, 2023
View Post
  • News

LG C3 OLED: everything you need to know

  • May 31, 2023

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

eBlogTip.com
  • Categories

Input your search keywords and press Enter.