Video
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool
26 May 2023
This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate it. The app, named iRecorder – Screen Recorder, was first listed in the Google Play Store in September 2021, with the malicious code added almost a year later. ESET research named the malware AhRat and it is a customization of the open-source AhMyth remote access trojan (RAT). The app was downloaded 50,000-plus times before it was detected by ESET and removed from the Android store by Google.
For a technical writeup, head over to our blogpost: Android app breaking bad: From legitimate screen recording to file exfiltration within a year
Further reading: How to tell if your phone has been hacked
Connect with us on Facebook, Twitter, LinkedIn and Instagram.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
- PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
- PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
- PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
- Source: https://www.welivesecurity.com/2023/05/26/app-morphed-trojan-week-security-tony-anscombe/
- :has
- :is
- 2021
- 32
- 40
- 50
- a
- access
- added
- almost
- an
- and
- android
- android app
- app
- audio
- Bad
- been
- before
- Breaking
- but
- by
- Category
- code
- could
- customization
- detected
- editor
- ESET Research
- exfiltration
- Features
- File
- Files
- First
- from
- Google Play
- Google Play Store
- had
- harmful
- head
- How
- HTTPS
- if
- in
- initially
- into
- IT
- later
- legitimate
- Listed
- malware
- max-width
- May..
- microphone
- months
- Named
- no
- of
- open source
- our
- over
- phone
- plato
- Plato Data Intelligence
- PlatoData
- Play
- Play Store
- RAT
- Reading
- record
- recording
- remote
- remote access
- Removed
- research
- researcher
- Revealed
- Screen
- security
- September
- spying
- store
- Surrounding
- Technical
- tell
- that
- The
- then
- times
- to
- Tony
- Trojan
- Turned
- us
- users
- was
- week
- with
- within
- year
- Your
- zephyrnet