Printed from

New commercial Android RAT makes creating malware apps easier

updated 01:20 pm EST, Sat March 8, 2014

Remote access tool Dendroid injects malware code into APK files

A HTTP new remote access toolkit (RAT) that is cause for concern has surfaced, according to anti-virus/anti-malware program maker Symantec, which makes turning legitimate Android apps into malware easier than before. The program, Dendroid (tagged as Android.Dendoroid by the security company), offers an easy-to-use commercial solution to inject malicious code for trojan access into APK files for placement on Android marketplaces, bypassing security checks.

The software comes with a list of features packed into a simple PHP panel that includes the ability to call a phone number, record calls, intercept text messages, take and upload photos, and initiate a HTTP flood (DoS) through a command-and-control server over HTTP. PC World has reported that the virtual private servers that run the control panel are hosted offshore. It also comes with a APK binder which was written with help from the author of one of the first RAT programs discovered for Android, AndroRAT. This binder connects Dendroid to the APK, creating a piece of software that appears to be official, but is really compromised.

It is important to note that Dendroid is unable to corrupt applications that have already been installed. Instead, the software banks on the idea of tricking users into downloading an infected application that merely looks official either through places like the Google Play store or external marketplaces. Android is currently the platform of choice for malware, responsible for 99 percent of known threats according to a recent report by Cisco.

Perhaps the oddest feature of Dendroid -- besides the fact that it has a $300 price tag that can be paid for with untraceable Bitcoins -- is the 24/7 technical support that the developer "Soccer" offers with the purchase of the "remote administration tool." It also has a sales video that claims the program has the ability to bypass the automated malware scanner for Google Play.

It is recommended that Android users employ anti-virus software on their devices. If the claims of the developer are true, even apps from the Google Play store -- much less any other source -- are not trustworthy at the present time. Google has yet to comment on Dendroid's claims.

By Electronista Staff


Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

DoxieGo Portable Scanner

Sometimes, people need to scan things, but having a computer at hand to do so isn't exactly feasible. Maybe it's the home of a relativ ...

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...



Most Commented


Popular News