How an innocuous app morphed into a trojan – Week in security with Tony Anscombe

ESET analysis uncovers an Android app that originally had no dangerous options however months later changed into a spying software

This week, ESET malware researcher Lukas Stefanko revealed how an initially reputable Android app morphed right into a malicious trojan that might steal customers’ recordsdata and report surrounding audio from the gadget’s microphone after which exfiltrate it. The app, named iRecorder – Display screen Recorder, was first listed within the Google Play Retailer in September 2021, with the malicious code added virtually a yr later. ESET analysis named the malware AhRat and it’s a customization of the open-source AhMyth distant entry trojan (RAT). The app was downloaded 50,000-plus instances earlier than it was detected by ESET and faraway from the Android retailer by Google.

For a technical writeup, head over to our blogpost: Android app breaking bad: From legitimate screen recording to file exfiltration within a year

Join with us on FacebookTwitterLinkedIn and Instagram.


Leave a Reply

Your email address will not be published. Required fields are marked *