Connect with us


Android customers warned over iRecorder screen recorder app secretly recording spying on users




A popular Android screen recording app has been caught spying on its users, including recording their conversations and stealing documents from their phones, cybersecurity researchers report.

Researchers at cybersecurity firm ESET discovered malware had been uploaded to the Android iRecorder — Screen Recorder app, which has been downloaded more than 50,000 times.

WATCH THE VIDEO ABOVE: The online job ad that tricked a single mum into handing over her lifesavings.

Watch the latest News on Channel 7 or stream for free on 7plus >>

The app was initially uploaded to the Google Play store as a harmless screen recording app in 2021, however, researchers found it likely became malicious in August.

ESET says Android users who installed the app prior to then would have unknowingly exposed their devices to the malware, named AhRat after the malware AhMyth on which it is based, when they updated the app.

“Aside from providing legitimate screen recording functionality, the malicious iRecorder can record surrounding audio from the device’s microphone and upload it to the attacker’s command and control (C&C) server,” ESET malware researcher Lukas Stefanko warns.

The iRecorder - Screen Recorder app has since been deleted from the Google Play store. Credit: ESET

The sneaky malware uses the victim’s microphone to take a snipPet of audio every 15 minutes to send it back to the server.

It can also steal documents, web pages, images, audio and video from the victim’s phone, which is also sent to the cyber criminal’s server to be stored.

Once it is downloaded, users are asked to give their permission for iRecorder to access their phone’s photo, media and files, which researchers say does not initially come across as suspicious as it is a recording app.

The app has since been removed from the Google Play store, and Android users are urged to check their phones for the malicious app and delete it.

“It is important to note that the app can also be found on alternative and unofficial Android markets,” Stefanko said.

“The iRecorder developer also provides other applications on Google Play, but they don’t contain malicious code.”