Even the most well-designed Android apps can go rogue. Especially when malicious code is introduced by hackers, as was the case with a popular screen recorder software on the Google Play Store. According to cybersecurity firm ESET’s recent study, the iRecorder – Screen Recorder software is now distributing malware to unsuspecting users.
What makes this story particularly intriguing is that the app itself was submitted to the Play Store in 2021 with no harmful features. However, with the introduction of iRecorder – Screen Recorder version 1.3.8 in August 2022, the app began infecting Android phones with malware. The app had received over 50,000 downloads on the Play Store before Google took it down.
The iRecorder App: A Trojan Horse
iRecorder, a seemingly innocuous screen recording app, was found to have a hidden malicious functionality. This app was first uploaded on September 19, 2021. The data-stealing capabilities were believed to have been introduced in version 1.3.8 of the app, which was released on August 24, 2022. The Play Store removed the app after flagging it for containing the AhMyth trojan.
The Developer Behind iRecorder
iRecorder is the work of a developer named Coffeeholic Dev. He has also released several other apps over the years. As of writing, none of them are available on the Play Store. His other apps include:
- File speaker
- QR Saver
What is the Malware capable of?
AhRat is capable of stealing a wide range of data from infected devices, including:
- SMS messages
- Call logs
- Browser history
- Device location
- Device screenshots
The attacker can also remotely control the infected device using the malware, enabling them to perform actions such as:
Gizchina News of the week
- Make calls
- Send text messages
- Browse the internet
- Take screenshots
Users who have downloaded iRecorder should uninstall the app immediately. If you are unsure whether you have the app installed, you can check your device’s app list. To protect yourself from malware, it is important to only download apps from trusted sources. You should also keep your apps up to date, as updates often include security patches that can help to protect your device from malware.
Tips for Android Users to Stay Safe
Here are some additional tips for protecting your Android device from malware:
- Only download apps from trusted sources, such as the Google Play Store.
- Be careful about what permissions you grant to apps. Only grant permissions that are necessary for the app to function.
- Keep your apps up to date. Updates often include security patches that can help to protect your device from malware.
- Use a security app. A security app can scan your device for malware and help to protect it from attack.
By following these tips, you can help to keep your Android device safe from malware.
How to Spot a Malicious App
There are a few things you can look for to spot a malicious app:
- The app’s permissions. Malicious apps often request excessive permissions, such as access to your contacts, SMS messages, or location.
- The app’s rating and reviews. Malicious apps often have low ratings and reviews, with users complaining about the app’s performance or behavior.
- The app’s source. Malicious apps are often not available from trusted sources, such as the Google Play Store.
If you’re unsure whether an app is safe, it’s best to err on the side of caution and avoid installing it.
What to Do If You Think You’ve Been Infected
If you think you’ve been infected with malware, there are a few things you can do:
- Uninstall the app immediately.
- Scan your device with a security app.
- Change your passwords for all of your online accounts.
- Report the app to Google Play.
By following these steps, you can help to protect yourself from further damage.
In Conclusion: Stay Informed and Stay Safe
The detection of data-stealing malware in iRecorder app highlights the hidden dangers in seemingly harmless applications. Android users should stay alert, informed, and practice good cybersecurity measures to safeguard their data and protect against potential threats. Stay updated on security news to protect yourself from evolving cyber threats.