Android app turns rogue, secretly records conversation of users for almost a year
iRecorder Screen Recorder has been recording the audio of the users after almost a year of its launch on Google Play Store.
There are numerous Android recording apps on Play Store but recently a recording app has turned rogue and has been recording audio clips without the permission of the users. The app’s name is iRecorder Screen Recorder and after almost a year of its launch, the screen recording app started to behave abruptly. The app began to record portions of the audio of the users and then forwarded to the developer’s server
The app came out in September 2021 and after an update in August 2022, it began recording 1 minute of audio for every 15 minutes. The recording was then forwarded to the developer’s server through an encrypted link. The whole incident was reported and documented by Lukas Stefanko, researcher, Essential Security against Evolving Threats (ESET).
According to Stefanko as the iRecorder Screen Recorder app was updated in August 2022, it included a malicious code which was based on “open-source AhMyth Android RAT (remote access trojan).” Around 50,000 downloads of the app were reported. However, in the later stage, the app was removed from the Play store. Stefanko also mentioned that apps with AhMyth embedded in them had earlier made it pass Google’s filters.
The Scam apps are not new on Google Play Store and Apple App Store. Generally, the recorder apps have fake reviews about them. This hikes its visibility on the app platforms and users go on to download them. The recording apps use the permissions granted to them by the user in order to gather sensitive information from their device. The information is then transferred to the developer which can lead to many mishaps. Google removes malware as soon as they are discovered and reported on the platform. However, these kinds of malware-infested apps have been reported from time to time and later Google Play Store removes it. Users should always be careful about the type of apps they are downloading from the Play Store. If they find any app suspicious, they should report it and then uninstall it.