Android
Android users: Delete this app; it’s been secretly recording its users
This Android recorder app has been secretly recording its users for over a year.
Ever feel like you’re being watched… or listened to? If you’re using an Android device, prepare for a not-so-fun surprise.
ESET researchers at WeLiveSecurity have uncovered an Android app secretly recording users’ lives. This app is harboring AhRat, a sneaky Remote Access Trojan (RAT) built off of the open-source malware platform AhMyth.
The culprit? “iRecorder – Screen Recorder.” It launched in 2021 and racked up over 55,000 installs from the Google Play Store. Yikes.
This once-legitimate screen-recording app has taken a dark turn within just a year and now specializes in stealing files with specific extensions as well as eavesdropping on your microphone recordings.
That’s right, folks – this app is all up in our personal space, poking its nose into matters that don’t concern it.
“Initially, the iRecorder app did not have any harmful features. What is quite uncommon is that the application received an update containing malicious code quite a few months after its launch.“
AhRat seems to be particularly focused on certain victims, hinting at an espionage angle. But even if you’re not part of any high-stakes political dealings, who wants their favorite late-night shower tunes exposed to the world?
Here’s the real issue: Open-source malware platforms are fertile ground for variations like AhRat, leaving everyday Android users vulnerable to snooping digital thieves.
Keep calm and remember the basics: Stick to verified app stores, religiously update your security patches, and resist those urge clicks on dodgy downloads. Be safe, be smart, and stay one step ahead of this digital peeper.
As for the iRecorder app itself, Google removed it from the Play Store after ESET’s report. As a sigh of relief, ESET says they have not detected any other AhRat instances anywhere else in the wild.
For the full rundown, head on over to ESET’s blog, WeLiveSecurity for the full report. What I covered here is just the tip of the iceberg.
Have any thoughts on this? Drop us a line below in the comments, or carry the discussion over to our Twitter or Facebook.
Editors’ Recommendations:
- Millions of Android TVs & phones could be preinstalled with malware
- Android users, malware riddled apps are flooding the Play Store
- Android may finally split ringtone volume and notifications sliders
- These Android apps are riddled with malware – delete them