Android

Popular Android app is secretly SPYING on users – what to do if you have it installed 

iRecorder secretly steals pictures, files and web information on Android devicesIt also records an audio snippet every 15 minutes by hijacking the microphoneCyber experts at ESET currently do not know who is behind this malicious attack

Cybersecurity experts have warned that a popular Android app is secretly spying on users as part of a potential espionage campaign.

Phone owners have been urged to delete a malicious app known as iRecorder after it was found to subtly steal files, web information and even pictures.

The unsuspecting screen-recorder even makes use of a phone’s microphone every 15 minutes, taking a snippet of audio for unknown purposes. 

This malware, discovered by ESET, did not come as part of the app when it launched in 2021.

Instead, attackers took a more unusual approach, with harmful features cropping up nearly a year later, in what may have been disguised as a typical update.

iRecorder secretly steals pictures, files and web information on Android devices (file image)

iRecorder secretly steals pictures, files and web information on Android devices (file image)

‘Interestingly here is that the app passed initial tests to get on the Google Play store but it was the update that carried the malicious activity,’ Jake Moore, Global Cybersecurity Advisor at ESET said.

‘Although the app is now removed from the Google Play store, it is advised to remove it from your phone if you installed it whilst it was still live. 

‘By deleting the app, the phone will remain safe from prying eyes and ears.’

ESET believes the app has been downloaded by more than 50,000 people since its launch three years ago on Google Play.

Google has now removed this and Apple devices are unaffected, but it is still available to download from alternative Android markets.

Before using, phone holders are asked to give iRecorder permission to record audio and ‘access photos, media and files’.

But ESET claims there are no other special permission requests that may hint to its harmful intentions. 

It is currently uncertain whether a specific group is behind this malware which uses a powerful open-source tool known as ‘AhMyth’.

Google has now removed this and Apple devices are unaffected, but iRecorder is still available to download from alternative Android markets
Before using, users are asked to give iRecorder permission to record audio and 'access photos, media and files'

Google has now removed this and Apple devices are unaffected, but iRecorder is still available to download from alternative Android markets

HOW TO USE  PLAY PROTECT ON GOOGLE

But ESET claims that AhMyth was previously employed by the Transparent Tribe –  a cyberespionage group that targets governments and military groups in South Asia.

To remove these harmful features from a device, all users need to do is simply delete the app. 

Google also offers a built-in security feature called Play Protect that can scan your apps for malware in future.  

This malware also comes just weeks after the security firm Kaspersky found 11 other apps on Google Play that hold a new type of malware known as Fleckpe.

This largely included photo and video editing apps including ‘Photo Effect Editor’ and ‘Beauty Slimming Photo Editor’.

At the time, Google said that it takes ‘security and privacy claims against apps seriously’ and deleted these apps.

Yet, in the face of malware risks, ESET urges phone users to continue updating their phones as the benefits outweigh these risks.

Mr Moore added: ‘This should hopefully not put people off updating as more damage can usually be done by not installing timely app and device updates.’

A Google spokesman told MailOnline: ‘When we find apps that violate our policies, we take appropriate action. Devices running Android 11 and above have protections that limit app access to device location, camera, or microphone.

‘Google Play Protect also protects users from apps known to contain this malware on Android devices with Google Play Services, even when those apps come from other sources.’

Google warns of SPYWARE being used by foreign governments to hack into Apple and Android phones and snoop on citizens’ activities 

Related posts

Lastly an iPad beater? DailyMail.com assessments the OnePlus Pad

admin

iPhone customers shocked to find the white bar on the backside of their system’s display to used to simply change between apps

admin

Tips on how to use iMessage on any ANDROID gadget (with one tiny disadvantage)

admin

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy