Jump to content

Dendroid (malware)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Nurg (talk | contribs) at 07:31, 28 September 2016 (Nurg moved page Dendroid (Malware) to Dendroid (malware): downcase). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Dendroid is malware that affects Android OS and targets the mobile platform.[1]

It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300.[2] Some things were noted in Dendroid, such as being able to hide from emulators at the time.[3] When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time.[4] It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it.[5] It also seemed to follow in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels.[6] The code appeared to be leaked somewhere around 2014.[7] It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.

It is capable of:

  • Deleting call logs
  • Opening web pages
  • Dialing any number
  • Recording calls
  • SMS intercepting
  • Upload images, video
  • Opening an application
  • Able to perform a denial-of-service attack attack
  • Can change the command and control server[8]

See also

References