It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300. Certain features were noted as being used in Dendroid, such as the ability to hide from emulators at the time. When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time. It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it. It also seems to have followed in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels. The code appeared to be leaked somewhere around 2014. It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.
It is capable of:
- Deleting call logs
- Opening web pages
- Dialing any number
- Recording calls
- SMS intercepting
- Uploading images and video
- Opening an application
- Performing denial-of-service attacks
- Changing the command and control server
- Coogan, Peter (5 March 2014). "Android RATs Branch out with Dendroid". Symantec. Retrieved 23 October 2016.
- Paganini, Pierluigi (March 7, 2014). "Dendroid – A new Android RAT available on the underground". securityaffairs.co. Retrieved 23 October 2016.
- Leder, Felix (May 27, 2014). "Dendroid under the hood – A look inside an Android RAT kit". Blue Coat Labs. Retrieved 23 October 2016.
- Zorz, Zeljka (March 7, 2014). "Dendroid spying RAT malware found on Google Play". helpnetsecurity.com. Retrieved 23 October 2016.
- "New crimeware tool Dendroid makes it easier to create Android malware, researchers warn". PC World. Mar 6, 2014. Retrieved 23 October 2016.
- "Source Code leaks for Android RAT Dendroid". mysonicwall.com. Aug 29, 2014. Retrieved 23 October 2016.
- Kovacs, Eduard. "Source Code of Android RAT Dendroid Leaked Online". securityweek.com. Retrieved 23 October 2016.
- Wei, Wang (March 5, 2014). "Symantec discovered Android Malware Toolkit named Dendroid". thehackernews.com. Retrieved 23 October 2016.