![]() Loom is an intuitive screen recording app for Android that offers you the fastest way to create and share screen recordings of your device. How to – Include mouse pointer in screenshot.How to – Changing macOS screenshot file format.5 best screen recording apps for Windows.Screenshot keyboard shortcuts for Windows and macOS.Fastest ways to take screenshots on Windows 10.20 best free screenshot tools and plugins.Below I have listed the best (so far) screen recording apps for Android. However, if you have downloaded this app, it is advisable that you uninstall and remove it from your smartphone now.Whether you want to record your Android screen for your YouTube channel or just to record some steps to recall later, there are HD screen recording apps available for that. If you haven’t downloaded this app, there is nothing to worry about. However, by the time, the app had already been downloaded 50,000 times. ![]() What is Google doing about it?ĮSET researchers flagged the app’s malicious behaviour to Google, following which it removed the app from the Play Store. Upon analysis, researchers found that the trojan was sending files representing web pages, images, audio, video, and document files, and file formats used for compressing multiple files, including - zip, rar, jpg, jpeg, jpe, jif, jfif, jfi, png, mp3, mp4, mkv, 3gp, m4v, mov, avi, gif, webp, tiff, tif, heif, heic, bmp, dib, svg, ai, eps, pdf, doc, docx, html, htm, odt, pdf, xls, xlsx, ods, ppt, pptx, and txt, to its developers - which is a lot of information. Simply put, the malicious app pings users’ personal information to the developers every 15 minutes. ![]() The researchers said that the AhRat trojan pings the C&C server every 15 minutes requesting a new configuration file. If all that wasn’t enough to scare you, there’s more. “Upon installation of the malicious app, it behaved as a standard app without any special extra permission requests that might have revealed its malicious intentions,” the researchers added. So, when the developers installed malicious code in the app, it required no extra permission. However, they are fit for any screen recording app. The researchers claim that all these permissions for an app would have raised suspicion. By extension, AhRat also came with similar capabilities. The original trojan, AhMyth RAT, is capable of exfiltrating call logs, contacts, and text messages, obtaining a list of files on the device, tracking the device location, sending SMS messages, recording audio, and taking pictures. The malicious code that was added to the app was based on the open-source AhMyth Android RAT (remote access trojan) that was customised into what the researchers termed as AhRat. Almost a year after its roll out, the developers injected a malicious code in the app, which when things went wrong. Image: ESET But what about the malicious behaviour?Īs mentioned before, the app didn’t contain any malicious code when it was launched. However, we were not able to attribute the app to any particular malicious group,” the researchers wrote in a blog post. “The app’s specific malicious behavior – exfiltrating microphone recordings and stealing files with specific extensions – tends to suggest that it is part of an espionage campaign. Also Read - No ChatGPT-drafted content in my court: US Judge tells lawyers It can also upload files with extensions representing saved web pages, images, audio, video, and document files, and file formats used for compressing multiple files, from the device. The researchers says that apart from providing legitimate screen recording functionality, the malicious iRecorder app can record surrounding audio from a phone’s microphone and upload it to the attacker’s command and control (C&C) server. Also Read - Google ends support for first-gen Chromecast: Here’s what it means for users What does the app do? Almost a year later in August 2022, the developers of the app rolled out version 1.3.8 of the app, following which the malicious behaviour started. The researchers say that the app arrived on the Play Store on September 19, 2021. Also Read - Thomson 65-inch QLED TV review: Easy on your pocket but is it worth the upgrade?Īccording to security researchers at ESET (via The Verge), an Android app dubbed as the ‘iRecorder – Screen Recorder’ started collecting user data without their explicit permission almost a year after it was launched on the Play Store without hiding any malicious code. In another such incident, security researchers have found out that an Android app went rogue almost a year after its rollout via Google’s Play Store. Despite its best efforts, a harmful app often manages to slide past its defenses and get to the unsuspecting users. Google, over the years, has strengthened its defenses and put in place strong guardrails for protecting its Android ecosystem from malware and other malicious apps and programs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |