ESET analysis uncovers an Android app that initially had no harmful options however months later became a spying device
This week, ESET malware researcher Lukas Stefanko revealed how an initially authentic Android app morphed into a malicious trojan that would steal users’ information and document surrounding audio from the gadget’s microphone after which exfiltrate it. The app, named iRecorder – Display Recorder, was first listed in the Google Play Store in September 2021, with the malicious code added virtually a yr later. ESET analysis named the malware AhRat and it’s a customization of the open-supply AhMyth distant access trojan (RAT). The app was downloaded 50,000-plus occasions before it was detected by ESET and faraway from the Android retailer by Google.
For a technical writeup, head over to our blogpost: Android app breaking dangerous: From professional display recording to file exfiltration within a yr