Innocent-seeming apps can be trojan horses for your information. Image: Amar Toor / The Verge
An Android recording app called iRecorder Screen Recorder began as an innocent screen recording app but turned evil nearly a year after it was first released, as detailed by Ars Technica. The app first came out in September 2021, but after an update the following August, it began recording a minute of audio every 15 minutes and forwarding those recordings, through an encrypted link, to the developer’s server. The whole thing is documented in a blog post from Essential Security against Evolving Threats (ESET) researcher Lukas Stefanko.
In the post, Stefanko said the app was updated in August 2022 to include malicious code “based on the open-source AhMyth Android RAT (remote access trojan).” The app had 50,000 downloads by the time it was…
The Verge – All Posts