How an innocuous app morphed right into a trojan – Week in safety with Tony Anscombe

ESET analysis uncovers an Android app that initially had no harmful options however months later became a spying device

This week, ESET malware researcher Lukas Stefanko revealed how an initially authentic Android app morphed into a malicious trojan that would steal users’ information and document surrounding audio from the gadget’s microphone after which exfiltrate it. The app, named iRecorder – Display Recorder, was first listed in the Google Play Store in September 2021, with the malicious code added virtually a yr later. ESET analysis named the malware AhRat and it’s a customization of the open-supply AhMyth distant access trojan (RAT). The app was downloaded 50,000-plus occasions before it was detected by ESET and faraway from the Android retailer by Google.

For a technical writeup, head over to our blogpost: Android app breaking dangerous: From professional display recording to file exfiltration within a yr

Join with us on FacebookTwitterLinkedIn and Instagram.

Leave a Reply

Your email address will not be published. Required fields are marked *

Translate »