Security researchers at software company ESET have discovered a popular application on Google’s Play Store is able to attack users, track their location, steal text messages, and even record private conversations through a bug called AhMyth RAT.
Discover our latest podcast
The app called iRecorder – Screen Recorder has been downloaded by approximately 50,000 Android users. It is able to get around Google's strict security rules. Google has now banned it from the Play Store.
About the malicious app
The application first appeared on the Play Store back in 2021. It was allowed because it didn't contain any data-stealing malware at that time.
However, a bug was then added to the app at a later date, and even those who had installed it beforehand were targeted by an update. Having to update apps is a common occurrence for phone users, so it’s probable many agreed to download the update without realising its capabilities.
ESET explained:
Android users who had installed an earlier version of iRecorder (prior to version 1.3.8), which lacked any malicious features, would have unknowingly exposed their devices to AhRat, if they subsequently updated the app either manually or automatically, even without granting any further app permission approval.
The AhRat research serves as a good example of how an initially legitimate application can transform into a malicious one, even after many months, spying on its users and compromising their privacy.
Read more ⋙ Samsung: Millions urged to change phone before new Android operating system is released this year
Read more:
⋙ Millions of Android users could be affected by this warning that should not be ignored
⋙ Millions of Android users urged to check phone immediately as Google bans popular apps
What to do if you have the app
If you think you may have installed the software, you should check your device and immediately delete the app. The ESET team explained:
As a Google App Defense Alliance partner, ESET identified the most recent version of the application as malicious and promptly shared its findings with Google.
Following our alert, the app was removed from the store.
Here's how to delete an app installed on your phone:
- Open the Google Play Store app
- At the top right, tap the profile icon
- Tap Manage apps and devices. Manage
- Tap the name of the app that you want to delete
- Tap Uninstall
Sources used:
Mirror: 'Google bans another popular Android app - delete it today or face a terrifying threat'