Dendroid (malware)
Dendroid is malware that affects Android OS and targets the mobile platform.[1]
It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300.[2] Some things were noted in Dendroid, such as being able to hide from emulators at the time.[3] When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time.[4] It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it.[5] It also seemed to follow in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels.[6] The code appeared to be leaked somewhere around 2014.[7] It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.
It is capable of:
- Deleting call logs
- Opening web pages
- Dialing any number
- Recording calls
- SMS intercepting
- Upload images, video
- Opening an application
- Able to perform a denial-of-service attack attack
- Can change the command and control server[8]
See also
References
- ^ Coogan, Peter (5 March 2014). "Android RATs Branch out with Dendroid". Symantec. Retrieved 23 October 2016.
- ^ http://securityaffairs.co/wordpress/22848/cyber-crime/dendroid-new-android-rat.html
- ^ https://www.bluecoat.com/security-blog/2014-05-27/dendroid-under-hood-%E2%80%93-look-inside-android-rat-kit
- ^ https://www.helpnetsecurity.com/2014/03/07/dendroid-spying-rat-malware-found-on-google-play/
- ^ http://www.pcworld.com/article/2105500/new-crimeware-tool-dendroid-makes-it-easier-to-create-android-malware-researchers-warn.html
- ^ https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=718
- ^ http://www.securityweek.com/source-code-android-rat-dendroid-leaked-online
- ^ http://thehackernews.com/2014/03/symantec-discovered-android-malware.html