iRecorder Screen Recorder turns villian
An Android app that initially appeared harmless was recently exposed for engaging in covert activities by secretly recording users without their knowledge or consent. The app in question, known as iRecorder Screen Recorder, initially debuted on Google Play in September 2021.
However, nearly a year later, it underwent an ominous transformation that revealed its true sinister intentions. This revelation serves as a stark reminder of the potential dangers posed by smartphone applications, which can change their behavior long after installation.
According to a researcher working at ESET iRecorder Screen Recorder's August 2022 update incorporated a malicious code based on the open-source AhMyth Android RAT (remote access trojan). This update made the app a harmful addition to your smartphone.
Following the update, the app stealthily recorded one minute of audio every 15 minutes, encrypting and forwarding the recordings to the developer's server.
You may read the full report here.
What is wrong with Google Play Store?
The Play Store, which previously removed 11 applications from its list on the grounds that they were trojans, cannot prevent these malwares from entering the application.
Scam apps have long plagued unsuspecting users, often utilizing predatory subscription pricing and fabricated reviews to gain visibility on these platforms. However, the case of iRecorder Screen Recorder exposes a more insidious issue: apps that morph into malicious entities after installation, exploiting the permissions granted by users to extract sensitive information from their devices. The acquired data is then used for unknown purposes by the app's developer.
iRecorder Screen Recorder is already removed
iRecorder Screen Recorder has been swiftly removed from the Play Store but the incident raises alarming questions about the potential existence of sleeper agents masquerading as harmless apps on users' smartphones. In response, Google is reportedly working on updates to enhance user awareness.
These updates aim to provide users with monthly notifications, informing them about apps that have modified their data-sharing practices, thereby allowing users to take necessary precautions.
“In response, Google is reportedly working on updates to enhance user awareness.
These updates aim to provide users with monthly notifications, informing them about apps that have modified their data-sharing practices, thereby allowing users to take necessary precautions.”
How is that in response. Such malicious applications won’t give a warning that they changed their data-sharing practices. Unless Google checks actual application behavior and how it changes, but then it would be interesting to know how that works.