How an innocuous app morphed into a trojan – Week in security with Tony Anscombe

Cyber Security

ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool

This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate it. The app, named iRecorder – Screen Recorder, was first listed in the Google Play Store in September 2021, with the malicious code added almost a year later. ESET research named the malware AhRat and it is a customization of the open-source AhMyth remote access trojan (RAT). The app was downloaded 50,000-plus times before it was detected by ESET and removed from the Android store by Google.

For a technical writeup, head over to our blogpost: Android app breaking bad: From legitimate screen recording to file exfiltration within a year

Connect with us on FacebookTwitterLinkedIn and Instagram.

Products You May Like

Articles You May Like

China’s Malicious Cyber Activity Informing War Preparations, Pentagon Says
Cloud to Blame for Almost all Security Vulnerabilities
10 tips to ace your cybersecurity job interview
Ballistic Bobcat’s Sponsor backdoor – Week in security with Tony Anscombe
International Criminal Court Reveals Security Breach

Leave a Reply

Your email address will not be published. Required fields are marked *