Research by ESET found that the Android app, “iRecorder — Screen Recorder,” introduced the malicious code as an app update almost a year after it was first listed on Google Play. The code, according to ESET, allowed the app to stealthily upload a minute of ambient audio from the device’s microphone every 15 minutes, as well as exfiltrate documents, web pages and media files from the user’s phone.
https://techcrunch.com/2023/05/29/popular-android-app-microphone-spying-google-play/