The Android screen recording app started bugging users a year

The Android screen recording app started bugging users a year after it appeared on Google Play

Mobile applications may change their functionality even after being downloaded from the marketplace. Malicious software can develop from initially harmless software, which can cause considerable damage to the user. According to The Verge, iRecorder Screen Recorder for Android was originally intended to capture images from the smartphone screen, but almost a year after its release, it switched to the “dark side” and began to perform functions that were unusual for it.

    Image source: yang miao/

Image source: yang miao/

It is known that the software was first launched in September 2021, but after the August 2022 update, the application began to secretly record one minute of audio every 15 minutes and transmit the recordings to the developer’s server via an encrypted channel. The problem is documented in detail in the blog post by ESET expert Lukas Stefanko.

In his post, Lucas explained that the software acquired malicious functionality in August 2022, as code based on the so-called. AhMyth Android RAT (Remote Access Trojan). At this point, the application had 50,000 downloads. The issue has been reported and the product has been removed from Google Play. The expert adds that programs with integrated AhMyth previously passed Google’s security filters.

Malicious apps are widespread on both Google Play and App Store. Programs in which the recording of any content is functional can be particularly dangerous. In addition, they sometimes charge for subscriptions and their developers pay for reviews to increase visibility on Google or Apple platforms. Stefanko emphasizes the importance of the main problem: Often times, applications do not become malicious immediately after downloading. They are given all sorts of permissions, then upgraded and start malicious activities by leaking information from users’ devices to developers.

The iRecorder Screen Recorder app has already been removed, but nothing prevents another “sleeping” program from starting recording data on the smartphone at any time. Google regularly communicates changes to its in-app data sharing policy, but only when it is aware of such facts.

About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment