Dendroid- The Android Malware takes control of your smart phone

What is Dendroid ?

Dendroid is an Android Malware comes under category of Trojan which works as a Remote Access Tool (RAT). Here the legitimate Android application package files (.apk files) are inserted/modified with malware codes. The worst part is the criminals released this as commercial product, that anyone can purchase the Dendroid tool for 300 US$ with 24 hrs support through which any legitimate Android application file can be converted into a Remote Access Tool.

Power of Dendroid

A Dendroid malware infected Smartphone will be under attacker’s  command and control server.  See what Dendroid can do with your Android device.

1. Complete access of Messages. It can send, receive and block the SMS.
2. Download images from phone inbuilt/ SD card memory.
3. Can Record calls
4. Steals user’s browsing history and bookmarks.
5. Control of handset camera. Ability to take stills, videos silently and transfers to attackers server/mail.
6. Access of Email and Social media accounts configured in the handset.
7. Can open dialogue boxes to prank users and steal the credentials.
8. Can delete call logs.
9. Can make calls.

Ability to cheat Google Play store’s security firewall.

An application filtering system has been developed by Google to screen and eliminate the compromised applications from Google Play store before they reach to user devices. However several flaws are observed in this system and attackers succeeded in disguising the malware as legitimate apps.

Lookout Mobile Security says they could found one Dendroid infected application in Google Play. Even though the application has been pulled down recently, but the developer account is still active. This reveals the malware is immune to  play store’s bouncer screening mechanism. The most interesting part is that the seller of Dendroid toolkit offers warranty on the claimed stealth feature.

Why Dendroid is considered as a great threat?

Dendroid is not the first Android RAT, but no doubt it is the most sophisticated android malware ever identified. Apart from that this tool kit has distributed as a commercial product through some underground forums and portals. This escalates the level of threat. Dendroid developers (s) follows the same methodology of most dreaded financial Trojan kits like  SpyEye and Zeus targeted millions of Windows computers.

Indian Computer Emergency Response Team (CERT) has issued an advisory for alerting Indian smart phone users to keep themselves protected from Dendroid malware. More than 90% of Indian smart phones are powered by Android operating system.

In the developing markets like India and China , Android users download the pirated copies of premium Android applications from file sharing sites and through peer to peer networks. This virtually disables the app screening mechanism of Google Play Store.

How to stay away from Dendroid threat.

1. The first and foremost thing is to install Android applications from Google Play store only.

2. Don’t install relatively new Android applications even from the Play store also. Wait for  some positive reviews.

3. Before installing any application, check the application permissions. Don’t install the applications with suspected system privileges.

4. Install a reputed and trusted Antivirus Application for your Android Smart Phone.

5. Use device encryption / SD card encryption feature to safeguard your personal data.

6. Keep an eye on your data usage and calls.

7. Don’t use unsecured WiFi networks.

8. If you are suspected with a Dendroid attack, go for a factory reset and format your SD card.