More than 50,000 users have downloaded it iRecorder app It literally hides spying on your microphone. According to An ESET company reportThis malicious application records ambient sound every 15 minutes and sends it to a remote server.
Android app that records your microphone without your knowledge
Imagine using an app for months without any problems, until the day you discover that it records your microphone’s sound and sends it to a stranger. This is what happened to tens of thousands of Android users who were infected by a malicious app called iRecorder. A pattern that is unfortunately very widespread.
Launched on the Google Play Store in September 2021, the app doesn’t ask for excessive permissions, just the ones needed to record the smartphone’s screen, it was developed. But in August 2022, everything changes.
The app update adds malicious code to the app from an open-source spyware called AhMyth. The latter allows you to take remote control of an Android device and access its sensitive data. So the iRecorder app was launched Turn on the smartphone’s microphone Every 15 minutes, it records ambient sound and encrypts it before sending it to an attacker-controlled server. This process was going on in the background, unnoticed by the user.
Late discovery
It was in May 2023 that the pot of roses was discovered by Lukas Stefanko, a security researcher at ESET. Analyzing the app’s behavior on several devices, he noticed that it was connecting to a remote server and constantly sending audio files. He also found that the malicious code had evolved over time, indicating that developer AhMyth had gotten better at using the spyware. He named this new software version AhRat.
Stefano alerted Google, which removed the app from the app Google Play Store. But it was too late for the more than 50,000 users who downloaded the app and spied on it for months. So it is better to check the list of applications installed on your smartphone and remove iRecorder if it is there.
On the same subject: Samsung smartphones have suffered a major security breach
We still don’t know who is behind this move and what is its purpose. But the case illustrates the dangers associated with mobile apps, which can be misused for malicious purposes. We can only advise you to check the permissions granted to apps, read other users’ comments, and be wary of apps that look suspicious to you or ask for too many permissions when installed.
Google is aware of several security issues related to apps on its Play Store. Android 14 should bring improvements in this area, especially by preventing the installation of apps that haven’t been updated in a long time. In this case, a move that is unfortunately not effective…
