Video
ESET analysis uncovers an Android app that originally had no dangerous options however months later changed into a spying device
26 Could 2023
This week, ESET malware researcher Lukas Stefanko revealed how an initially reliable Android app morphed right into a malicious trojan that might steal customers’ recordsdata and document surrounding audio from the system’s microphone after which exfiltrate it. The app, named iRecorder – Display Recorder, was first listed within the Google Play Retailer in September 2021, with the malicious code added nearly a 12 months later. ESET analysis named the malware AhRat and it’s a customization of the open-source AhMyth distant entry trojan (RAT). The app was downloaded 50,000-plus occasions earlier than it was detected by ESET and faraway from the Android retailer by Google.
For a technical writeup, head over to our blogpost: Android app breaking bad: From legitimate screen recording to file exfiltration within a year
Additional studying: How to tell if your phone has been hacked
