Dendroid (malware): Difference between revisions
Content deleted Content added
m Robot - Speedily moving category Mobile Malware to Category:Mobile malware per CFDS. |
update |
||
| Line 5: | Line 5: | ||
When first discovered in 2014 it was one of the most sophisticated Android [[Remote administration software|remote administration tool]]s known at that time.<ref>{{cite web | url=https://www.helpnetsecurity.com/2014/03/07/dendroid-spying-rat-malware-found-on-google-play/ | title=Dendroid spying RAT malware found on Google Play | publisher=helpnetsecurity.com | date=March 7, 2014 | accessdate=23 October 2016 | author=Zorz, Zeljka}}</ref> |
When first discovered in 2014 it was one of the most sophisticated Android [[Remote administration software|remote administration tool]]s known at that time.<ref>{{cite web | url=https://www.helpnetsecurity.com/2014/03/07/dendroid-spying-rat-malware-found-on-google-play/ | title=Dendroid spying RAT malware found on Google Play | publisher=helpnetsecurity.com | date=March 7, 2014 | accessdate=23 October 2016 | author=Zorz, Zeljka}}</ref> |
||
It was one of the first [[Trojan horse (computing)|Trojan application]]s to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it.<ref>{{cite web | url=http://www.pcworld.com/article/2105500/new-crimeware-tool-dendroid-makes-it-easier-to-create-android-malware-researchers-warn.html | title=New crimeware tool Dendroid makes it easier to create Android malware, researchers warn | publisher=[[PC World]] | date=Mar 6, 2014 | accessdate=23 October 2016}}</ref> |
It was one of the first [[Trojan horse (computing)|Trojan application]]s to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it.<ref>{{cite web | url=http://www.pcworld.com/article/2105500/new-crimeware-tool-dendroid-makes-it-easier-to-create-android-malware-researchers-warn.html | title=New crimeware tool Dendroid makes it easier to create Android malware, researchers warn | publisher=[[PC World]] | date=Mar 6, 2014 | accessdate=23 October 2016}}</ref> |
||
It also seems to have follow in the footsteps of [[Zeus (malware)|Zeus]] and SpyEye by having simple-to-use |
It also seems to have follow in the footsteps of [[Zeus (malware)|Zeus]] and SpyEye by having simple-to-use command and control panels.<ref>{{cite web | url=https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=718 | title=Source Code leaks for Android RAT Dendroid | publisher=mysonicwall.com | date=Aug 29, 2014 | accessdate=23 October 2016}}</ref> |
||
The code appeared to be leaked somewhere around 2014.<ref>{{cite web | url=http://www.securityweek.com/source-code-android-rat-dendroid-leaked-online | title=Source Code of Android RAT Dendroid Leaked Online | publisher=securityweek.com | accessdate=23 October 2016 | author=Kovacs, Eduard}}</ref> |
The code appeared to be leaked somewhere around 2014.<ref>{{cite web | url=http://www.securityweek.com/source-code-android-rat-dendroid-leaked-online | title=Source Code of Android RAT Dendroid Leaked Online | publisher=securityweek.com | accessdate=23 October 2016 | author=Kovacs, Eduard}}</ref> |
||
It was noted that an [[File binder|apk binder]] was included in the leak, which provided a simple way to bind Dendroid to legitimate applications. |
It was noted that an [[File binder|apk binder]] was included in the leak, which provided a simple way to bind Dendroid to legitimate applications. |
||
| Line 23: | Line 23: | ||
==See also== |
==See also== |
||
* [[Botnet]] |
* [[Botnet]] |
||
* [[Mirai (malware)|Mirai]] |
|||
* [[Shedun]] |
* [[Shedun]] |
||
* [[Zombie (computer science)]] |
* [[Zombie (computer science)]] |
||
Revision as of 22:59, 24 June 2017
Dendroid is malware that affects Android OS and targets the mobile platform.[1]
It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300.[2] Some things were noted in Dendroid, such as being able to hide from emulators at the time.[3] When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time.[4] It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it.[5] It also seems to have follow in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels.[6] The code appeared to be leaked somewhere around 2014.[7] It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.
It is capable of:
- Deleting call logs
- Opening web pages
- Dialing any number
- Recording calls
- SMS intercepting
- Uploading images and video
- Opening an application
- Performing denial-of-service attacks
- Changing the command and control server[8]
See also
References
- ^ Coogan, Peter (5 March 2014). "Android RATs Branch out with Dendroid". Symantec. Retrieved 23 October 2016.
- ^ Paganini, Pierluigi (March 7, 2014). "Dendroid – A new Android RAT available on the underground". securityaffairs.co. Retrieved 23 October 2016.
- ^ Leder, Felix (May 27, 2014). "Dendroid under the hood – A look inside an Android RAT kit". Blue Coat Labs. Retrieved 23 October 2016.
- ^ Zorz, Zeljka (March 7, 2014). "Dendroid spying RAT malware found on Google Play". helpnetsecurity.com. Retrieved 23 October 2016.
- ^ "New crimeware tool Dendroid makes it easier to create Android malware, researchers warn". PC World. Mar 6, 2014. Retrieved 23 October 2016.
- ^ "Source Code leaks for Android RAT Dendroid". mysonicwall.com. Aug 29, 2014. Retrieved 23 October 2016.
- ^ Kovacs, Eduard. "Source Code of Android RAT Dendroid Leaked Online". securityweek.com. Retrieved 23 October 2016.
- ^ Wei, Wang (March 5, 2014). "Symantec discovered Android Malware Toolkit named Dendroid". thehackernews.com. Retrieved 23 October 2016.