How an innocuous app morphed into a trojan – Week in security with Tony Anscombe

Cyber Security

ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool

This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate it. The app, named iRecorder – Screen Recorder, was first listed in the Google Play Store in September 2021, with the malicious code added almost a year later. ESET research named the malware AhRat and it is a customization of the open-source AhMyth remote access trojan (RAT). The app was downloaded 50,000-plus times before it was detected by ESET and removed from the Android store by Google.

For a technical writeup, head over to our blogpost: Android app breaking bad: From legitimate screen recording to file exfiltration within a year

Connect with us on FacebookTwitterLinkedIn and Instagram.

Products You May Like

Articles You May Like

Healthcare still a prime target for cybercrime gangs – Week in security with Tony Anscombe
Threat intelligence explained | Unlocked 403: A cybersecurity podcast
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
GhostRace – New Data Leak Vulnerability Affects Modern CPUs

Leave a Reply

Your email address will not be published. Required fields are marked *