Even the best Android apps can be exploited. Especially when malicious code is injected by hackers, which is exactly what happened to a popular screen recorder app in the Google Play store.
According to a new report from cybersecurity firm ESET, the app "iRecorder - Screen Recorder," which has been installed over 50,000 times, recently began offering remote access trojans (RATs) to unsuspecting users The company says.
What makes this news particularly interesting is that the app itself was uploaded to the Play Store in 2021 without any malicious features. However, when version 1.3.8 of iRecorder - Screen Recorder was released in August 2022, the app began infecting the best Android phones with malware.
The app was subsequently removed from the Play Store after ESET reported it to Google, but if you have it installed, you must manually remove it from your smartphone.
Also, if you are interested in recording the screen of your Android smartphone, I will show you how to record using the built-in app already installed on your phone. This way you can completely avoid shady apps like iRecorder - Screen Recorder.
The new version of the iRecorder - Screen Recorder app includes a customized version of the open source AhMyth Android Rat, which ESET now calls AhRat.
Once this malware is installed on a user's smartphone, it can record audio and upload it to a command and control (C&C) server managed by the hackers behind this campaign. However, this malware can also steal all kinds of files from the compromised device, from photos and videos to documents and even stored web pages.
As ESET points out in its report, the malicious behavior exhibited by iRecorder - Screen Recorder suggests that the now malicious app is part of a spying operation. However, the company's researchers could not attribute the app to any specific cybercriminal group or hacker.
The possibility of a good app turning malicious is a scary idea that boggles the mind, but Google has already implemented precautions against this type of malicious activity in Android.
Starting with Android 11, the search giant's mobile operating system includes a feature called app hibernation, which allows apps that have been dormant for several months to be hibernated. This resets all permissions granted to the app and prevents the app from being used maliciously.
If you are still concerned, you should consider installing one of the best Android antivirus apps that will constantly scan your smartphone for malware and other viruses; Google Play Protect also has this feature, and if your budget is preinstalled on all Android phones if you have a limited budget. However, many Android antivirus apps also offer other security features such as VPNs and password managers.
iRecorder - Screen Recorder is the only app that ESET has so far identified as spreading AhRat malware, but others may appear in the future. Therefore, please make sure that your Android smartphone is always up-to-date with the latest version.
Comments