Printed from http://www.electronista.com

New commercial Android RAT makes creating malware apps easier

updated 01:20 pm EST, Sat March 8, 2014

Remote access tool Dendroid injects malware code into APK files

A HTTP new remote access toolkit (RAT) that is cause for concern has surfaced, according to anti-virus/anti-malware program maker Symantec, which makes turning legitimate Android apps into malware easier than before. The program, Dendroid (tagged as Android.Dendoroid by the security company), offers an easy-to-use commercial solution to inject malicious code for trojan access into APK files for placement on Android marketplaces, bypassing security checks.

The software comes with a list of features packed into a simple PHP panel that includes the ability to call a phone number, record calls, intercept text messages, take and upload photos, and initiate a HTTP flood (DoS) through a command-and-control server over HTTP. PC World has reported that the virtual private servers that run the control panel are hosted offshore. It also comes with a APK binder which was written with help from the author of one of the first RAT programs discovered for Android, AndroRAT. This binder connects Dendroid to the APK, creating a piece of software that appears to be official, but is really compromised.

It is important to note that Dendroid is unable to corrupt applications that have already been installed. Instead, the software banks on the idea of tricking users into downloading an infected application that merely looks official either through places like the Google Play store or external marketplaces. Android is currently the platform of choice for malware, responsible for 99 percent of known threats according to a recent report by Cisco.

Perhaps the oddest feature of Dendroid -- besides the fact that it has a $300 price tag that can be paid for with untraceable Bitcoins -- is the 24/7 technical support that the developer "Soccer" offers with the purchase of the "remote administration tool." It also has a sales video that claims the program has the ability to bypass the automated malware scanner for Google Play.

It is recommended that Android users employ anti-virus software on their devices. If the claims of the developer are true, even apps from the Google Play store -- much less any other source -- are not trustworthy at the present time. Google has yet to comment on Dendroid's claims.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Crucial MX100 256GB SATA-3 SSD

While the price to gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for a ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Blue's Mikey Digital

Blue Microphones, a company that makes some of the most popular digital USB microphones among podcasters and musicians, has for some t ...

Sponsor

toggle

Most Commented

 
toggle

Popular News