Billions of Android users urged to check for ‘malicious’ app stealing from you

By Kevin Colleran On May 24, 2023

ANDROID owners have been warned about a malicious app that can steal their data.

Experts from ESET, a software company that specializes in cybersecurity, have uncovered a malware-laden app lingering on the Google Play store.

The app, dubbed iRecorder – Screen Recorder, has been on the store since September 19, 2021, and has well over 50,000 downloads.

However, ESET revealed that malware wasn’t embedded into the software until around August 2022.

The experts noted that it’s unusual for a developer to upload a legitimate app and then update it with malicious code many months later.

“The malicious code that was added to the clean version of iRecorder is based on the open-source AhMyth Android RAT (remote access trojan) and has been customized into what we named AhRat,” an ESET report said.

As of right now, this appears to be the only AhRat malware in the wild affecting Android devices.

But, it is not the first time that AhMyth-based Android malware has been easily available on Google Play.

HOW DOES THE APP WORK?

While the app does provide legitimate screen recording functionality, it can also steal files on your phone.

This includes saved webpages, images, audio, video, document files, and file formats used for compressing multiple files.

“The app’s specific malicious behavior – exfiltrating microphone recordings and stealing files with specific extensions – tends to suggest that it is part of an espionage campaign,” the ESET report said.

“However, we were not able to attribute the app to any particular malicious group.”

After ESET identified the application and notified Google, the app was promptly removed from the store.

HOW TO STAY SAFE

For starters, it’s important to always keep your device updated with the latest software and antivirus protection.

You should also avoid installing apps from unofficial app stores.

And even if an app is on Google’s Play Store, you should remain vigilant and question its legitimacy.

Furthermore, you should never download anything from strange pop-up windows.

It can also be helpful to read user reviews and keep Google’s Play Protect feature active.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.