A former intern at FireEye accused of developing the Dendroid RAT

A former FireEye intern has been arrested for developing and distributing the sophisticated Android malware dubbed Dendroid.

In March 2014, experts at Symantec discovered a new HTTP Android remote administration tool, named Dendroid, available on the underground market for only $300.

Prosecutors confirmed the arrest of Morgan Culbertson, 20, of Pittsburgh. Leading a double life, the man was working for the IT security giant FireEye while improving and selling the Dendroid RAT. According to the prosecutors, the young man was also offering the source code of the mobile malware for sale for $65,000.

Law enforcement identified the man during the operation codenamed Shrouded Horizon, which allowed authorities to arrest 70 administrators and members of the popular cybercrime forum Darkode.

“The US Attorney for Western District of Pennsylvania confirmed to FORBES the accused was the same Morgan Culbertson as the one listed on LinkedIn here. According to that page and court filings, he was selling his malware at the same time as working at FireEye,” reported Forbes.

Culbertson worked at FireEye for 12 weeks in the summer of 2014, serving on the Advanced Persistent Threat team as a mobile threat researcher. As highlighted by the media, there is a concrete risk that Culbertson could have used confidential FireEye research to improve his products. The information the young hacker accessed during his internship could have allowed him to develop sophisticated anti-detection mechanisms.

“I improved Android malware detection by discovering new malicious malware families and using a multitude of different tools, automation techniques and decompiling analysis heuristics,” Culbertson wrote.

FireEye officially confirmed that Culbertson had been suspended.

“Mr. Culbertson’s internship has been suspended pending an internal review of his activities,” FireEye said.

The accusations are serious. According to the FBI, the man was charged with conspiring to send malicious code:

“He is accused of designing Dendroid, a coded malware intended to remotely access, control, and steal data from Google Android cellphones. The malware was allegedly offered for sale on Darkode.”

Dendroid is an HTTP remote administration tool that is completely invisible to the user and the firmware interface. The toolkit includes an application APK binder package and has a sophisticated PHP panel.

Symantec researchers discovered a link between Dendroid and AndroRAT toolkit:

Pierluigi Paganini

(Security Affairs –  Dendroid, mobile RAT)