430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

Dendroid – A new Android RAT available on the underground

Symantec discovered a new HTTP Android Remote administration tool, named Dendroid, available on the underground market for only $300. Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder. Thanks to the diffusion of the Google […]

Dendroid – A new Android RAT available on the underground

Symantec discovered a new HTTP Android Remote administration tool, named Dendroid, available on the underground market for only $300.

Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder.

Thanks to the diffusion of the Google mobile OS, Android platform is considerable a privileged target for cybercriminal, it is increasing the offer in the criminal underground market for products and services to monetize illegal activities.

Dendroid is an HTTP Remote Admin Tool that is completely invisible to the user and firmware interface, the toolkit implements an application APK binder package and has a sophisticated PHP panel.

Dendroid Fig2_0

Symantec researchers discovered a link between Dendroid and AndroRAT toolkit:

” The APK binder used by Dendroid just so happens to share some links to the author of the original AndroRAT APK binder.” report the official post on Symantec blog.

Dendroid Fig3_0

Symantec experts  discovered advertising for Dendroid on underground forums, the toolkit it offered by a seller Dendroid known as “Soccer”, he offers a set of features never been seen before and a 24/7 customer support. The price for Dendroid toolkit is $300, buyers can pay it through principal virtual currency schema, including BitcoinLifeCoin, BTC-e.

Some of the many features on offer include the following:

  • Delete call logs
  • Call a phone number
  • Open Web pages
  • Record calls and audio
  • Intercept text messages
  • Take and upload photos and videos
  • Open an application
  • Initiate a HTTP flood (DoS) for a period of time
  • Change the command-and-control (C&C) server

The evolution of remote access tools on the Android platform is considered by Symantec inevitable, the demand for this kind of toolkit is increasing and security experts believe that in 2014 the number of new malware families will increase. t.

To stay protected install defensive application on your application, don’t jailbreak/root the device and always download applications from the official Stores.

Pierluigi Paganini

(Security Affairs –  Dendroid, mobile malware)