A popular Android app could be covertly spying on users - with many now deleing it from their devices over privacy fears.
The iRecorder was found to covertly steal files, web information and even pictures, according to cybersecurity experts.
They claim the app makes uses of the phone's microphone every 15 minutes, taking a small snippet of audio.
Malware is said to have infected the app, which did not include the potential privacy breach when it was first launched in 2021.
Potential hackers are said to have added the feature almost a year later - in a reported bid to disguise it as a normal update to an outdated version of the app.
Jake Moore, Global Cybersecurity Advisor at ESET said: "Interestingly here is that the app passed initial tests to get on the Google Play store but it was the update that carried the malicious activity
"Although the app is now removed from the Google Play store, it is advised to remove it from your phone if you installed it whilst it was still live.
"By deleting the app, the phone will remain safe from prying eyes and ears."
ESET estimates the app has been downloaded by more than 50,000 people since its launch three years ago on Google Play, reports the Mail Online.
Google has now removed this and Apple devices are unaffected, but it is still available to download from alternative Android markets.
Before using, phone holders are asked to give iRecorder permission to record audio and 'access photos, media and files'.
But ESET claims there are no other special permission requests that may hint to its harmful intentions.
It is currently uncertain whether a specific group is behind this malware which uses a powerful open-source tool known as 'AhMyth'.
