Malware Developed for Android: iRecorder!

ESET, one of the largest cyber security companies in the world, has an application on the Google Play Store that has been downloaded more than 50 thousand times. it is malicious Has detected. Research shows that the application did not contain any problems when it was first published, published in August 2022. with an update turns out to be malicious.

The name of the app that threatens Android users “iRecorder – Screen Recorder“. This application was first released in September 2021 and its purpose was for users to be able to record screens. However, the application deviated from its purpose in the next stage and evolved to a completely different point. According to ESET’s research, malware, records the surrounding sound once every 15 minuteswas sending it to an external source.

The app’s page on the Google Play Store:

The investigations show that this practice, which was innocent at the beginning, added later detected. This addition, which is a major threat to Android devices “AhMyth RAT“. This malicious tool could extract messages, calls, contacts, documents, file list from a smartphone, track device location instantly. ESET detected that only audio recording and accessing files features were used in iRecorder – Screen Recorder. he did.

It is unknown how many people’s voice recordings were leaked and where the target audience is!

How many people were affected by malware in ESET iRecorder – Screen Recorder could not detect explained. It is also unclear who the app is targeting. So the developer team may have done something like this just to listen to people. But there is one thing ESET people are sure of: the developers of the “Coffeeholic Dev” need to understand and use the AhMyth RAT tool. to shape them they put a lot of effort into it.

What will those who say “I also downloaded this application” do?

iRecorder – Screen Recorder, following ESET’s notification to Google removed from app store. But you may have downloaded this app in the past. So what should users do in this situation?

In order for your audio to be recorded via iRecorder – Screen Recorder, you had to allow the application to use microphone and file access. If you did, your received audio recordings have already been transferred to another server. Well for outgoing data there is nothing you can do. Uninstalling the application and scanning with mobile security applications from companies such as ESET can help you relax in the next process. If there are things you don’t like, format the phone It would be the cleanest solution.