Dendroid (malware)

From HandWiki
Revision as of 07:17, 27 June 2023 by Wikisleeper (talk | contribs) (link)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Short description: Android based malware

Dendroid is malware that affects Android OS and targets the mobile platform.[1]

It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300.[2] Certain features were noted as being used in Dendroid, such as the ability to hide from emulators at the time.[3] When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time.[4] It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it.[5] It also seems to have followed in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels.[6] The code appeared to be leaked somewhere around 2014.[7] It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.

It is capable of:

  • Deleting call logs
  • Opening web pages
  • Dialing any number
  • Recording calls
  • SMS intercepting
  • Uploading images and video
  • Opening an application
  • Performing denial-of-service attacks
  • Changing the command and control server[8]

See also

References

  1. Coogan, Peter (5 March 2014). "Android RATs Branch out with Dendroid". Symantec. https://www.symantec.com/connect/blogs/android-rats-branch-out-dendroid. Retrieved 23 October 2016. 
  2. Paganini, Pierluigi (March 7, 2014). "Dendroid – A new Android RAT available on the underground". securityaffairs.co. http://securityaffairs.co/wordpress/22848/cyber-crime/dendroid-new-android-rat.html. Retrieved 23 October 2016. 
  3. Leder, Felix (May 27, 2014). "Dendroid under the hood – A look inside an Android RAT kit". Blue Coat Labs. https://www.bluecoat.com/security-blog/2014-05-27/dendroid-under-hood-%E2%80%93-look-inside-android-rat-kit. Retrieved 23 October 2016. 
  4. Zorz, Zeljka (March 7, 2014). "Dendroid spying RAT malware found on Google Play". helpnetsecurity.com. https://www.helpnetsecurity.com/2014/03/07/dendroid-spying-rat-malware-found-on-google-play/. Retrieved 23 October 2016. 
  5. "New crimeware tool Dendroid makes it easier to create Android malware, researchers warn". PC World. Mar 6, 2014. http://www.pcworld.com/article/2105500/new-crimeware-tool-dendroid-makes-it-easier-to-create-android-malware-researchers-warn.html. Retrieved 23 October 2016. 
  6. "Source Code leaks for Android RAT Dendroid". mysonicwall.com. Aug 29, 2014. https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=718. Retrieved 23 October 2016. 
  7. Kovacs, Eduard (20 August 2014). "Source Code of Android RAT Dendroid Leaked Online". securityweek.com. http://www.securityweek.com/source-code-android-rat-dendroid-leaked-online. Retrieved 23 October 2016. 
  8. Wei, Wang (March 5, 2014). "Symantec discovered Android Malware Toolkit named Dendroid". thehackernews.com. http://thehackernews.com/2014/03/symantec-discovered-android-malware.html. Retrieved 23 October 2016.