AAPL Stock: 117.81 ( -0.22 )

Printed from

New commercial Android RAT makes creating malware apps easier

updated 01:20 pm EST, Sat March 8, 2014

Remote access tool Dendroid injects malware code into APK files

A HTTP new remote access toolkit (RAT) that is cause for concern has surfaced, according to anti-virus/anti-malware program maker Symantec, which makes turning legitimate Android apps into malware easier than before. The program, Dendroid (tagged as Android.Dendoroid by the security company), offers an easy-to-use commercial solution to inject malicious code for trojan access into APK files for placement on Android marketplaces, bypassing security checks.

The software comes with a list of features packed into a simple PHP panel that includes the ability to call a phone number, record calls, intercept text messages, take and upload photos, and initiate a HTTP flood (DoS) through a command-and-control server over HTTP. PC World has reported that the virtual private servers that run the control panel are hosted offshore. It also comes with a APK binder which was written with help from the author of one of the first RAT programs discovered for Android, AndroRAT. This binder connects Dendroid to the APK, creating a piece of software that appears to be official, but is really compromised.

It is important to note that Dendroid is unable to corrupt applications that have already been installed. Instead, the software banks on the idea of tricking users into downloading an infected application that merely looks official either through places like the Google Play store or external marketplaces. Android is currently the platform of choice for malware, responsible for 99 percent of known threats according to a recent report by Cisco.

Perhaps the oddest feature of Dendroid -- besides the fact that it has a $300 price tag that can be paid for with untraceable Bitcoins -- is the 24/7 technical support that the developer "Soccer" offers with the purchase of the "remote administration tool." It also has a sales video that claims the program has the ability to bypass the automated malware scanner for Google Play.

It is recommended that Android users employ anti-virus software on their devices. If the claims of the developer are true, even apps from the Google Play store -- much less any other source -- are not trustworthy at the present time. Google has yet to comment on Dendroid's claims.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented