ESET analysis uncovers an Android app that originally had no dangerous options however months later changed into a spying software
This week, ESET malware researcher Lukas Stefanko revealed how an initially reputable Android app morphed right into a malicious trojan that might steal customers’ recordsdata and report surrounding audio from the gadget’s microphone after which exfiltrate it. The app, named iRecorder – Display screen Recorder, was first listed within the Google Play Retailer in September 2021, with the malicious code added virtually a yr later. ESET analysis named the malware AhRat and it’s a customization of the open-source AhMyth distant entry trojan (RAT). The app was downloaded 50,000-plus instances earlier than it was detected by ESET and faraway from the Android retailer by Google.
For a technical writeup, head over to our blogpost: Android app breaking bad: From legitimate screen recording to file exfiltration within a year
Join with us on Facebook, Twitter, LinkedIn and Instagram.