You are currently viewing This Android App Was Recording Thousands of Users Without Consent, Now Removed From Play Store

This Android App Was Recording Thousands of Users Without Consent, Now Removed From Play Store

Last Updated: May 25, 2023, 18:02 IST

Malicious apps continue to be a concern for Google

Play Store continues to harbour malicious apps that Google is finding to trace and remove before it causes damage.

Android apps have a notorious track record of evading privacy by either acting malicious or accessing the phone to steal data or track them. Now a new kind of issue has come up with Android apps where one of the apps available through the Play Store started recording users without taking their permission for accessing the microphone.

That’s not all, the app was even sending the data through an encrypted link to the server of the app developer. As per the details provided in a report by Ars Technica, the app named iRecorder Screen Recorder was the guilty party which indulged in this privacy nightmare almost a year after it first came out on the Play Store for users to download. The details of this breach have been recorded by Lukas Stefanko, who is a researcher at Essential Security against Evolving Threats or ESET.

Stefanko in his post explains that the app was released in September 2021 but one year later an update issued for the app included a malicious code that started the whole privacy breach for around 50,000 users who had downloaded the app by the time Google got it removed from the Play Store.

The biggest concern with sleeper apps like these is that they manage to circumvent Google’s so-called rigid security checks for apps on the Play Store, and a year later they start acting in the worst possible manner, infecting devices with malicious code that can have serious ramifications for the users.

Stefanko has seen cases like these both on iOS and Android and feel that recording apps are one of the biggest defaulters with such issues. Google has removed the iRecorder Screen recorder app now but we can’t say how much data the developer has already accessed from the supposed 50,000 users with the app on their phone, and how they plan to use the content.

Google claims it continues to tighten the security norms and forcing developers to share more updates with their users. But events like these clearly jolt the confidence of a user. All we can say is, be careful while downloading apps, even from the Play Store as these stories suggest.

Source link

Leave a Reply