Smartphone apps can change their behavior long after they’ve been downloaded, turning a once-innocent app into something far worse.
The Android recording app called iRecorder started out as an innocent screen recording app, but almost a year after its release, it turned into a malicious program. The app was first released in September 2021, but after a subsequent update in August
It started recording a minute of audio every 5 minutes and transmitted these recordings to the developer’s server via an encrypted link.
It was all documented in a blog post by Essential Security against Evolving Threats (ESET) researcher Lukas Stefanko.
In the post, Stefanko said the app was updated in August 2022 to include malicious code “based on the open source AhMyth Android RAT (remote access trojan)”.
The app had 50,000 downloads before it was reported and removed from the Play Store.
Stefanko added that AhMyth’s embedded apps have passed Google’s filters before.
Cheating apps are nothing new in the Apple or Google app stores. Voice recording apps can be particularly malicious. Sometimes they pump up their visibility on these platforms with cheap subscription prices and fake reviews. And Stefanko’s blog post draws attention to a particularly serious problem: after a while, applications can “move over to the dark side” and use the initially granted permissions to collect sensitive information from the device, and then forward it to the developer for nefarious activities.
This particular application no longer exists, but unfortunately it is possible that three other similar ones have since taken its place. For now, Google is only working on a system that would send a monthly notification about which applications have changed their data sharing practices – if this is revealed at all.
If you want to read more interesting tech news, follow the Facebook page of the Origo Techbase, click here!
Tags: Delete app mobile immediately
