CrazyEngineers Archive
Old, but evergreen and popular discussions on CrazyEngineers, presented to you in read-only mode.
@Jason Estibeiro • 26 Mar, 2014 • 3 likes
Computer Emergency Response Team of India (CERT-In) is yet again alerting Android smartphone users about a virus which could compromise the data stored on the phone. In its advisory, CERT-In reports a toolkit called 'Dendroid' being used to malicious applications for Android smartphones. The virus was first spotted by Symantec and in their blog post they suggest that there is a strong cybercriminal marketplace for remote access tools.

dendroid

Dendroid is a HTTP Remote Administration Tool (RAT) which comes with a PHP administration panel and an application binder package. Using the Dendroid toolkit, a malicious Android application package (APK) file can be generated which will be able to offer features like the ability to delete call logs, open random webpages, record calls, intercept SMS's, change the command and control server and also perform Denial of Service (DoS) attack. Although, for cybercriminals, injecting APKs with malware isn't difficult, security researchers have still found tools similar to Dendroid which automate the process. Symantec believes that a tool known as AndroRAT was the first malware APK binder.

dendroid_2
Dendroid control panel

According to a blog post in Lookout, they claim that Dendroid was designed to evade Google Play Store security. They had however detected only one application infected with Dendroid and it had already been removed from the Play Store. From underground forums, Symantec has learnt that the official seller of Dendroid is known as "Soccer" and the toolkit can be bought with a payment of $300, to be paid through BitCoin, LiteCoin or other similar services.

dendroid_3
Dendroid APK Binder

CERT-In had also reported a VPN security fault in Andorid. Android being an open source platform, has been a target for cyber criminals. To protect your phone from such attacks, it is sensible to download apps from trusted source (Google Play).
@micheal john • 27 Mar, 2014 since Andriod is opensource why this bug is not found and fixed😉
4.7k views

Related Posts

@Manish Goyal · Apr 11, 2010

Lots of my classmates will go for advanced java for their upcoming training. can anyone explain me short what is difference between advanced java and core java?
46.8k views

@Bashiruddin Naik · Dec 26, 2011

JAVA GSM Based Projects: 1. GSM Based LAN WATCHER. 2. GSM Based Download Manager. 3. Spynet Using GSM. 4. Traffic Alert System using GSM. 5. GSM based Group Chatting Application....
10.3k views

@Maheshkaranam · Aug 4, 2015

In which stream can we explore better in present scenario of IT field..Can anyone give a clear idea about SAP, JAVA, .NET, ORACLE, BIPM, UNIX CPP, ASSURANCE, MAINFRAMES ETC..
13.6k views

@Deadman · Nov 19, 2015

Suggest some good sources. Most of them contains 10-12 web pages and tutorial is over. Are there any serious websites where i can learn the concept like we find in...
3.9k views

@Guneet Khanuja · Mar 25, 2014

Helpshift was founded by Baishampayan Ghose (CTO) and Abinash Tripathy (CEO) in 2011 with an aim to enable businesses and development teams to be able to fix issues before raising...
7.6k views