Printed from http://www.electronista.com

New commercial Android RAT makes creating malware apps easier

updated 01:20 pm EST, Sat March 8, 2014

Remote access tool Dendroid injects malware code into APK files

A HTTP new remote access toolkit (RAT) that is cause for concern has surfaced, according to anti-virus/anti-malware program maker Symantec, which makes turning legitimate Android apps into malware easier than before. The program, Dendroid (tagged as Android.Dendoroid by the security company), offers an easy-to-use commercial solution to inject malicious code for trojan access into APK files for placement on Android marketplaces, bypassing security checks.

The software comes with a list of features packed into a simple PHP panel that includes the ability to call a phone number, record calls, intercept text messages, take and upload photos, and initiate a HTTP flood (DoS) through a command-and-control server over HTTP. PC World has reported that the virtual private servers that run the control panel are hosted offshore. It also comes with a APK binder which was written with help from the author of one of the first RAT programs discovered for Android, AndroRAT. This binder connects Dendroid to the APK, creating a piece of software that appears to be official, but is really compromised.

It is important to note that Dendroid is unable to corrupt applications that have already been installed. Instead, the software banks on the idea of tricking users into downloading an infected application that merely looks official either through places like the Google Play store or external marketplaces. Android is currently the platform of choice for malware, responsible for 99 percent of known threats according to a recent report by Cisco.

Perhaps the oddest feature of Dendroid -- besides the fact that it has a $300 price tag that can be paid for with untraceable Bitcoins -- is the 24/7 technical support that the developer "Soccer" offers with the purchase of the "remote administration tool." It also has a sales video that claims the program has the ability to bypass the automated malware scanner for Google Play.

It is recommended that Android users employ anti-virus software on their devices. If the claims of the developer are true, even apps from the Google Play store -- much less any other source -- are not trustworthy at the present time. Google has yet to comment on Dendroid's claims.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

D-Link Wi-Fi Smart Plug

Home automation fans have been getting their fair share of gadgets and accessories in the last few years. Starting with light bulbs, a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News