Selasa, 30 Mei 2023

Popular Android app is secretly SPYING on users - here's what to do - Daily Mail

Delete this app NOW: Popular Android app is secretly SPYING on users – what to do if you have it installed

  • iRecorder secretly steals pictures, files and web information on Android devices
  • It also records an audio snippet every 15 minutes by hijacking the microphone
  • Cyber experts at ESET currently do not know who is behind this malicious attack

Cybersecurity experts have warned that a popular Android app is secretly spying on users as part of a potential espionage campaign.

Phone owners have been urged to delete a malicious app known as iRecorder after it was found to subtly steal files, web information and even pictures.

The unsuspecting screen-recorder even makes use of a phone's microphone every 15 minutes, taking a snippet of audio for unknown purposes. 

This malware, discovered by ESET, did not come as part of the app when it launched in 2021.

Instead, attackers took a more unusual approach, with harmful features cropping up nearly a year later, in what may have been disguised as a typical update.

iRecorder secretly steals pictures, files and web information on Android devices (file image)

'Interestingly here is that the app passed initial tests to get on the Google Play store but it was the update that carried the malicious activity,' Jake Moore, Global Cybersecurity Advisor at ESET said.

'Although the app is now removed from the Google Play store, it is advised to remove it from your phone if you installed it whilst it was still live. 

'By deleting the app, the phone will remain safe from prying eyes and ears.'

ESET believes the app has been downloaded by more than 50,000 people since its launch three years ago on Google Play.

Google has now removed this and Apple devices are unaffected, but it is still available to download from alternative Android markets.

Before using, phone holders are asked to give iRecorder permission to record audio and 'access photos, media and files'.

But ESET claims there are no other special permission requests that may hint to its harmful intentions. 

It is currently uncertain whether a specific group is behind this malware which uses a powerful open-source tool known as 'AhMyth'.

Google has now removed this and Apple devices are unaffected, but iRecorder is still available to download from alternative Android markets
Before using, users are asked to give iRecorder permission to record audio and 'access photos, media and files'

HOW TO USE  PLAY PROTECT ON GOOGLE

  1. Tap Google Play on an Android device
  2. Select your profile in the top right 
  3. Hit Play Protect
  4. Press Scan
  5. Remove any malware that is flagged by the scanner  

But ESET claims that AhMyth was previously employed by the Transparent Tribe -  a cyberespionage group that targets governments and military groups in South Asia.

To remove these harmful features from a device, all users need to do is simply delete the app. 

Google also offers a built-in security feature called Play Protect that can scan your apps for malware in future.  

This malware also comes just weeks after the security firm Kaspersky found 11 other apps on Google Play that hold a new type of malware known as Fleckpe.

This largely included photo and video editing apps including 'Photo Effect Editor' and 'Beauty Slimming Photo Editor'.

At the time, Google said that it takes 'security and privacy claims against apps seriously' and deleted these apps.

Yet, in the face of malware risks, ESET urges phone users to continue updating their phones as the benefits outweigh these risks.

Mr Moore added: 'This should hopefully not put people off updating as more damage can usually be done by not installing timely app and device updates.'

MailOnline has approached Google for further comment.  

Google warns of SPYWARE being used by foreign governments to hack into Apple and Android phones and snoop on citizens' activities 

Google warned of spyware being used by foreign governments to hack into Apple and Android phones and snoop on users' activities. 

The 'spyware' – software that steals information from a device – was created by Milan-based company RCS Lab, Google and security firm Lookout said. 

RCS Lab spyware has allegedly been used by the Italian and Kazakhstani governments to spy on private messages and contacts stored on their citizens' smartphones. 

RCS Lab is an example of a 'lawful intercept' company that claims to only sell to customers with legitimate use for surveillance, such as intelligence and law enforcement agencies. 

But in reality, such tools have often been abused under the guise of national security to spy on business executives, human rights activists, journalists, academics and government officials, security experts say. 

It's thought RCS Lab's spyware, nicknamed 'Hermit', is distributed via SMS messages that appear to come from legitimate sources.

Read more 

Adblock test (Why?)


https://news.google.com/rss/articles/CBMicWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay9zY2llbmNldGVjaC9hcnRpY2xlLTEyMTM5Mjc1L1BvcHVsYXItQW5kcm9pZC1hcHAtc2VjcmV0bHktU1BZSU5HLXVzZXJzLWluc3RhbGxlZC5odG1s0gEA?oc=5

2023-05-30 13:43:23Z
2051802477

Tidak ada komentar:

Posting Komentar