An Android app started secretly recording users almost a year after it was listed on Google Play


Smartphone apps can change their conduct effectively after you obtain them, turning a as soon as innocent-seeming app into one thing a lot worse.

p>span:first-child]:text-gray-13 [&_.duet–article-byline-and]:text-gray-13″>

Share this story

A phone with a recording app installed and running on screen

a:hover]:text-black [&>a:hover]:shadow-underline-black darkish:[&>a:hover]:text-gray-e9 darkish:[&>a:hover]:shadow-underline-gray-63 [&>a]:shadow-underline-gray-13 darkish:[&>a]:shadow-underline-gray-63″>Harmless-seeming apps will be trojan horses to your data.
a:hover]:text-gray-63 [&>a:hover]:shadow-underline-black darkish:[&>a:hover]:text-gray-bd darkish:[&>a:hover]:shadow-underline-gray [&>a]:shadow-underline-gray-63 darkish:[&>a]:text-gray-bd darkish:[&>a]:shadow-underline-gray”>Picture: Amar Toor / The Verge

An Android recording app referred to as iRecorder Display Recorder started as an harmless display screen recording app however turned evil practically a 12 months after it was first launched, as detailed by Ars Technica. The app first got here out in September 2021, however after an replace the next August, it started recording a minute of audio each quarter-hour and forwarding these recordings, by way of an encrypted hyperlink, to the developer’s server. The entire thing is documented in a blog post from Important Safety in opposition to Evolving Threats (ESET) researcher Lukas Stefanko.

Within the put up, Stefanko stated the app was up to date in August 2022 to incorporate malicious code “based mostly on the open-source AhMyth Android RAT (distant entry trojan).” The app had 50,000 downloads by the point it was reported and faraway from the Play retailer. Stefanko added that apps with AhMyth embedded in them had made it past Google’s filters before.

Rip-off apps aren’t new on both Apple’s or Google’s app shops. Recorder apps can be especially bad, typically having predatory subscription pricing and faux evaluations to inflate their visibility on these platforms. And Stefanko’s weblog put up highlights a very sticky drawback: apps turning to the darkish facet after you’ve had them for some time, utilizing the permissions you granted them on the outset to assemble delicate data out of your system and shuttle it off to the developer for nefarious actions.

This specific app is gone, however what’s to maintain one other sleeper agent from activating in your telephone? Google is at least working on updates that can let you know by way of month-to-month notification which, and when, apps have modified their data-sharing practices — if it finds out, that’s.


Leave a Reply

Your email address will not be published. Required fields are marked *