Cybersecurity: Experts have discovered a spy app capable of listening to and recording your conversations

A malicious update to a downloaded application gave more than 50,000 dangerous functions capable of violating user privacy.

communicate. Image: Unsplash.

In recent days, cybersecurity experts have warned about a popular screen recording app It hides spy-capable malware by recording user conversations. It's about the application iRecorder – Screen Recorderhas been available on the Google Play Store since 2021 which was Over 50,000 downloads.

The app is simply known as iRecorder Basic functions of Android devices screen recording, But the malicious update made in August 2022 gave it serious potential to Violating device privacy.

Pirates.  Photo: Freebeck.Pirates. Photo: Freebeck.

After this change, the application can Activate the cell phone microphone Without user consent, Record conversations For 60 seconds every 15 minutes Download stored files To external servers without any kind of license.

According to the research team from ESET, It was likely version 1.3.8 of the app that started iRecorder's malicious behavior. This update includes Extract microphone recordings and steal files with specific extensions, Which indicates possible involvement in A Spy campaign.

WhatsApp messages.  Global Photography Reuters

You may be interested in:

Beware of WhatsApp scams: Why you should delete old contacts from the app

This is how the spy app works

iRecorder is allowed Record Android device screen. But after updating the application became… Capable of recording audio From the device's microphone and upload it to the attacker's command and control (C&C) server. Moreover, I can Capture and send Files such as saved web pages, images, audio and video files, and documents from your device.

WhatsApp phone calls will be simpler.  Image: UnsplashCell phone. Image: Unsplash

camilo Gutierrez Amaya, The head of the ESET Research Lab in Latin America noted that “it is rare that a developer uploads a legitimate application, waits for almost a year and then updates it with malicious code,” which “has been added to the clean version of iRecorder” and “it depends on The open source Android RAT (Remote Access Trojan) AhMyth has been customized to become what we call AhRat.”

See also  A silent cyberattack has nearly put computers around the world at risk

While the open source malware AhMyth has been used before Transparent tribea cyber espionage group known for targeting government and military organizations in South Asia, ESET explained Current malware samples cannot be attributed to any specific group.

Trusted pages are those that start with

You may be interested in:

A practical guide to avoiding scams: How to protect yourself from phishing and fake URLs on the Internet

What do I do if I install iRecorder?

If you have iRecorder installed on your Android device, it is recommended Uninstall it and perform these steps:

  • Change passwords for all accounts and profiles.
  • Review the permissions granted to other apps and remove those that you do not use or that you think are suspicious.
  • Scan the device using antivirus software.

Lovell Loxley

"Alcohol buff. Troublemaker. Introvert. Student. Social media lover. Web ninja. Bacon fan. Reader."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top