Are screen recording apps listening to their users? for Android

Changes in the functionality of applications can occur even after it has been downloaded to the device. Updates are always an indicator of developers concern for users, but sometimes malware can be introduced with changes.

For example, iRecorder for Android is an application for recording what is happening on the users screen. But a year has passed, and another update has introduced a shadow function.

In September 2021, the app first appeared on Google Play, and in August 22nd, users discovered that every 15 minutes, it turns on recording for one minute. And then she transmitted the audio recording in encrypted form to the developers servers. After such statements, Lucas Stefano analyzed this point in detail, and documented the problem.

He conducted an examination, and reported that in August 2022, a Trojan for remote access was integrated into the code. At this time, 50,000 people have already installed the application. Of course, after Lucas report, Google Play removed the software from the market, but according to the expert, there are still a bunch of applications with an embedded Trojan that managed to bypass the verification.

Not only the Google platform suffers from such software. The App Store also cant keep track of everyone. According to the expert, there is a high probability of a Trojan in applications with recording of something. Sometimes, such programs are on paid subscriptions, money from them pays for false reviews that raise such applications to the top.

The main problem, according to Stefano, is that such programs do not become malicious immediately, but only after some time. They go through the permission stage and then release updates that make malicious changes.