Researchers at cybersecurity firm ESET discovered malware had been uploaded to the Android iRecorder — Screen Recorder app, which has been downloaded more than 50,000 times.
WATCH THE VIDEO ABOVE: The online job ad that tricked a single mum into handing over her lifesavings.
Watch the latest News on Channel 7 or stream for free on 7plus >>
The app was initially uploaded to the Google Play store as a harmless screen recording app in 2021, however, researchers found it likely became malicious in August.
ESET says Android users who installed the app prior to then would have unknowingly exposed their devices to the malware, named AhRat after the malware AhMyth on which it is based, when they updated the app.
“Aside from providing legitimate screen recording functionality, the malicious iRecorder can record surrounding audio from the device’s microphone and upload it to the attacker’s command and control (C&C) server,” ESET malware researcher Lukas Stefanko warns.
The sneaky malware uses the victim’s microphone to take a snipPet of audio every 15 minutes to send it back to the server.
It can also steal documents, web pages, images, audio and video from the victim’s phone, which is also sent to the cyber criminal’s server to be stored.
Once it is downloaded, users are asked to give their permission for iRecorder to access their phone’s photo, media and files, which researchers say does not initially come across as suspicious as it is a recording app.
The app has since been removed from the Google Play store, and Android users are urged to check their phones for the malicious app and delete it.
“It is important to note that the app can also be found on alternative and unofficial Android markets,” Stefanko said.
“The iRecorder developer also provides other applications on Google Play, but they don’t contain malicious code.”
Google Pauses AI-Made Images of People After Race Inaccuracies
Nvidia CEO Says AI Has Hit a ‘Tipping Point’ as Revenue and Profit Soar
How a New Bipartisan Task Force Is Thinking About Artificial Intelligence
Hackers Could Use ChatGPT to Target 2024 Elections
Jeff Bezos Nets $8.5 Billion From Amazon Share Sale
Crypto exchange FTX to sell shares in AI startup Anthropic
Meta's Oversight Board includes Threads under its purview
Meta tests cross-posting from Facebook to Threads