Dendroid (malware)

Dendroid is a Malware that affects Android OS and targets the mobile platform.^[1]

It was first discovered in early of 2014 by Symantec and appeared on the underground for sale for $300.^[2] Some things were noted in Dendroid, such as being able to hide from emulators at the time.^[3] When first discovered in 2014 it was one of the most sophisticated Android RATs known during that time^[4] It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it^[5] It also seemed to follow in the footsteps of Zeus and SpyEye by having simple to use Command and control panels^[6] The code appeared to be leaked somewhere around 2014^[7]

It's capable of

• deleting call logs
• Opening web pages
• Dialing any number
• Recording calls
• SMS intercepting
• Upload images, video
• Opening an application
• Able to perform DoS attack
• Can change the command and control server^[8]

See also

• Botnet
• Command and control (malware)
• Shedun
• Trojan horse
• Zombie (computer science)
• Zeus (malware)

References

1. http://www.symantec.com/connect/blogs/android-rats-branch-out-dendroid
2. http://securityaffairs.co/wordpress/22848/cyber-crime/dendroid-new-android-rat.html
3. https://www.bluecoat.com/security-blog/2014-05-27/dendroid-under-hood-%E2%80%93-look-inside-android-rat-kit
4. https://www.helpnetsecurity.com/2014/03/07/dendroid-spying-rat-malware-found-on-google-play/
5. http://www.pcworld.com/article/2105500/new-crimeware-tool-dendroid-makes-it-easier-to-create-android-malware-researchers-warn.html
6. https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=718
7. http://www.securityweek.com/source-code-android-rat-dendroid-leaked-online
8. http://thehackernews.com/2014/03/symantec-discovered-android-malware.html