Finding a shady app on the Google Play Store is no easy task, even with Google Play Protect doing its best to weed out the bad apples. But what’s even trickier? Identifying when a once-trusted app has gone rogue. It’s like searching for a needle in a haystack, and we all know how challenging that can be.
Unfortunately, legitimate Android applications often fall prey to hacking schemes, leaving users vulnerable to malicious intent. A investigation by ESET, a prominent cybersecurity firm, revealed that the seemingly innocuous iRecorder – Screen Recorder app has been engaging in some seriously sneaky behaviour. Turns out, this widely-used app has been covertly dispensing a remote access trojan (RAT) to unsuspecting users, all while remaining incognito and completely off their radar.
Launched in September 2021, this particular app seemed like a harmless addition to the digital realm. However, things took a dark turn after an update rolled out in August of the following year, when it was modified to include custom malicious code based on the open-source AhMyth Android RAT. The app then started secretively capturing a full minute of audio every 15 minutes, discreetly funneling those recordings through an encrypted link straight to the developer’s server.
The app was installed over 50,000 times before Google was able to remove it from the Play Store.
The existence of scam apps is no stranger to the realms of both Apple’s App Store and Google’s Play Store. However, recorder apps have earned themselves quite the notorious reputation. These deceptive apps sometimes employ predatory subscription pricing tactics and resort to fake reviews, all in an attempt to boost their visibility and prey on unsuspecting users.
However, the real cause for concern lies in the alarming observation by ESET – apps can take an insidious turn after residing on your device for a significant period of time. These apps, armed with the permissions you originally granted them, exploit their access to gather sensitive information from your device covertly. The collected data is then surreptitiously transmitted to the app developer, who wields it for nefarious activities.
While this specific app has already been removed from the Google Play Store, one can’t help but wonder: what’s keeping another innocent app from spying on you?
