Unfortunately, computer attacks do not stop increasing. And Android is one of its main objectives. The last example? An application available on Google Play has been recording your conversations for more than a year.
As reported from a ArsTechnica post in which they indicate that the Android recording application called iRecorder Screen Recorder has been recording our conversations without permission for some time.
Immediately delete iRecorder Screen Recorder from your phone
The worst of all, is that the app was a year working as a screen recorder, without any type of malware. In this way, since its launch in September 2021, it has behaved like a normal app.
The problem is that, after being updated in August 2022, it went on to record one minute of audio every 15 minutes and forward those recordings, via an encrypted link, to the developer’s server.
All of this information has been documented by Essential Security Against Evolving Threats (ESET) researcher Lukas Stefanko, so it is a pretty serious topic. In this way, the developer has had access to all user conversations.
Tape recorder
/Unplash
In said publication they point out that malicious code was added in the 2022 update “based on the open source AhMyth Android RAT (Remote Access Trojan).
And considering that accumulated more than 50,000 downloads before being removed from Google Play, You must exercise precautions. In addition, they make it clear that we are completely vulnerable to attacks of all kinds.
The idea of this developer is very good, within that it is a crime. Launch the app without malicious code so that it passes the controls of Google Play. Then, wait a reasonable time for it to accumulate downloads, and end up launching an update with malicious code.
In this case, We are not sure if the developer was the one who added this malicious code, or if he sold the app on the Dark Web to hackers so that they corrupt the iRecorder Screen Recorder application.
But what is clear is that we are not going to be able to easily eliminate this problem of apps that are updated with malicious code. And we are very much afraid that the best thing you can do is to only use apps from reputable developers. And if you can avoid them and use native solutions on your phone, all the better.