Dendroid: Making malicious apps has never been easier


Android has really struggled with malicious applications, also known as malware, and now it seems the battle just got tougher. A new tool, a piece of crimeware, is designed to allow cyber-criminals to easily transform legitimate Android applications into malicious software. This makes it easier for black hat individuals, or generally people with too much time on their hands and a bit of bad intent, to create cheap, sophisticated Android malware.

Dendroid is a toolkit that can be used to create trojanized apps, which are basically legitimate applications with malicious code added to them. These apps connect back to a command-and-control server over HTTP and allow attackers to perform a variety of malicious actions on devices that have them installed.

The application is going for $300 and is being marketed as an Android remote administration tool (RAT). Buyers allegedly receive a tool called an “APK Binder” that is then used to add the Dendroid RAT functionality and its required permissions to any clean APK (Android application package), as well as access to a sophisticated PHP-based control panel that allows detailed management of the infected devices.

So with all this power, what can Dendroid do? It can intercept text messages; take and upload photos and videos; delete call logs and files; call phone numbers; open Web pages; record calls and audio from the microphone; open applications; and launch HTTP flood (denial-of-service) attacks for a period of time.
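Because the binder adds permissions and code to a clean APK, one defensive check is to diff the manifest of a suspect copy against the publisher's original. The following is an added example, not code from Dendroid or from any vendor named here; it assumes both manifests have already been decoded to text XML, and the permission-to-capability mapping, package names and sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping: standard Android permissions that gate the capabilities
# listed in the article. This is not Dendroid's documented permission list.
CAPABILITY_PERMISSIONS = {
    "android.permission.RECEIVE_SMS": "intercept text messages",
    "android.permission.CAMERA": "take photos and videos",
    "android.permission.RECORD_AUDIO": "record calls and microphone audio",
    "android.permission.CALL_PHONE": "call phone numbers",
    "android.permission.WRITE_CALL_LOG": "delete call logs",
    "android.permission.INTERNET": "HTTP command-and-control / HTTP flood",
}

# Constructed sample manifests (hypothetical package and component names).
CLEAN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <application><activity android:name=".MainActivity"/></application>
</manifest>"""

SUSPECT_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <application>
    <activity android:name=".MainActivity"/>
    <service android:name="com.example.injected.BackgroundService"/>
    <receiver android:name="com.example.injected.BootReceiver"/>
  </application>
</manifest>"""

def declared(manifest_xml):
    """Return (requested permissions, background components) from a manifest."""
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    comps = {(tag, e.get(ANDROID_NS + "name"))
             for tag in ("service", "receiver") for e in root.iter(tag)}
    return perms, comps

def repackaging_diff(clean_xml, suspect_xml):
    """List what the suspect manifest declares that the clean one does not."""
    clean_perms, clean_comps = declared(clean_xml)
    sus_perms, sus_comps = declared(suspect_xml)
    new_perms = sorted(sus_perms - clean_perms)
    return {"permissions": {p: CAPABILITY_PERMISSIONS.get(p, "unmapped")
                            for p in new_perms},
            "components": sorted(sus_comps - clean_comps)}

if __name__ == "__main__":
    print(repackaging_diff(CLEAN_MANIFEST, SUSPECT_MANIFEST))
```

A non-empty diff on an app that claims to be the same release as the original is a reason to verify the signing certificate and source of the APK before installing it.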

According to Bogdan Botezatu, a senior e-threat analyst at Bitdefender:

“Dendroid is a much improved remote access tool that is definitely aimed for commercial purposes. Although it roughly does the same as Androrat [an older Android RAT], it appears to be much more stable and allows cybercriminal groups to better manage the pool of mobile bots. Another interesting aspect would be the fact that Dendroid is currently delivered as a service: while the buyer gets the bot builder, the control panel is hosted by the team behind Dendroid on offshore virtual private servers, according to their clients.”

This isn’t the first time such apps have made their way into the Android market. A mobile security company called Marble Security recently identified a fake and malicious Netflix app that came pre-installed on multiple Android devices from Samsung Electronics, Motorola Mobility and LG Electronics.