Dendroid 'Trojanizer' Turns Apps into Malware for Just $300
By Jill Scharr, Tom’s Guide
Crime goes commercial: You can now buy a tool online that turns Android apps into malware in just a few simple steps.
First discovered by security research firm Symantec, Dendroid is a remote access tool (RAT) that “trojanizes” legitimate apps by inserting its malicious code into the application package file, or APK.
Dendroid, whose name is an adjective meaning “treelike” or “branching,” can be purchased on underground online markets from a user who goes by “Soccer.”
Dendroid buyers also receive what’s called an APK binder, which lets them “bind” Dendroid’s functionality into the APK, thus creating an app that looks normal on the outside but is full of malware on the inside.
Criminals can then put the infected app into an Android app market, and anyone tricked into downloading and installing it will be infected. The malware can’t trojanize apps that are already downloaded onto your phone.
Dendroidified apps can do just about anything a cybercriminal could want: delete the infected phone’s call logs, make it secretly call specific phone numbers, open Web pages, intercept text messages and more. The malware can even access the phone’s microphone and camera to silently record calls and take video and photos.
Users can control these features through a command-and-control server, which appears to be included in Dendroid’s $300 price.
Mobile anti-malware developer Lookout claims that Dendroid seems designed to get its infected apps into the Google Play store, the official and most secure Android app store.
"We only detected a single application infected with Dendroid and it has already been removed from the Play Store," Lookout said on its blog. "However, the developer’s account is still open."
Injecting app APKs with malware isn’t actually that difficult; cybercriminals have been doing it manually for years. Security researchers have even found other tools like Dendroid for automating the process, most famously the free AndroRAT. But Dendroid makes it easier and more accessible than ever.
To protect against Dendroid and other trojanized apps, make sure you have robust anti-virus protection on your phone and set it to frequently scan for malicious code. You should also only download Android apps from the Google Play store — make sure that “Unknown sources” is unchecked in your security settings — and then only from legitimate developers.
- Botnets: What They Are, and How They Threaten Your Computer
- 7 Ways to Lock Down Your Online Privacy
- 12 Things You Didn’t Know Could Be Hacked
Copyright 2014 Toms Guides , a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
You can follow Yahoo Tech on Facebook for all the latest.