According To One Of The Researchers Of Cyber Security Company Esetirecorder Android Application, After Years Of Activity And With More Than 50,000 Downloads From The Google Play Software Store, It Has Become A Spy Tool That Records The Sound Around The Phone Every 15 Minutes Without The User’s Permission And Sends It To Developers.
Lukas Stefanko), one of ESET’s leading researchers In, an online post on Tuesday announced that the iRecorder Screen Recorder appIn September 2021 (September 1400) in the Google Play store, started its work as a screen recording software, now has become a spy application.
This post explains that eleven months after the start of this application, an important update has been released for it and has provided new features to users.
These features included turning on the smartphone’s microphone and recording audio remotely, connecting to a server controlled by the software developer, and uploading audio files and other sensitive files stored on the phone without permission.
Secret audio recording every 15 minutes!
According to ESET researchers, functions and instructions related to spying on the user using AhMyth code done that a remote access trojan ( RAT) is open source, which has been discovered in several other Android applications.
After RAT codes are added to this popular and practical application, iRecorderIt, can record the sound around the phone and send it through an encrypted channel to the servers predetermined by the developers.
Examining different versions of the said application by researchers shows that over time, the codes taken from AhMyth They are heavily modified, offering developers with working RAT code open source have become more familiar and skilled. ESETThese: These advanced RAT codes in the recorder included are the AhRathas named.
The post published by Lukas Stefanko explains that the application has been installed and tested many times on different phones. Each time, the result is the same, recording a minute of audio and sending it to the attacker’s command and control servers.
Google Play needs to increase the level of security
The presence of spyware in applications published in the Google Play Store is not a new thing. Google has never commented on the discovery of malware in its app store, only thanking the researchers who discovered it.
Lucas Stefan Ko’s report explains:
Unfortunately, we do not have any evidence that the application is designed and released for a specific group. It is unclear whether a particular group of people was targeted; However, the iRecorder app has infected thousands of Android smartphones and spied on their victims.