Saturday, March 29, 2014

Beware of DenDroid

A new commercial tool  designed to allow cyber criminals to easily  transform legitimate Android  applications into malicious  software has hit the  underground market, paving  the way for cheap and easy  development of sophisticated  Android malware. The developers who are behind the creation of this virus are certainly street smart as they have named this virus Dendroid, which resembles to the actual operating system: Android. Ignorant and non-suspecting users can download this app assuming it to be safe and something related to Android, thereby compromising the security and functionality of their smart phones.
The toolkit is called Dendroid and can be used to create “trojanized” apps—legitimate  applications with malicious code added to them—that connect  back to a command-and-control server over HTTP and allow  attackers to perform a variety  of malicious actions on devices  that have those apps installed.
Dendroid is marketed by its  creators as an Android remote  administration tool (RAT) and is  being sold for US$300, security  researchers from Symantec  said Wednesday in a blog post .  Buyers receive a tool called an  “APK Binder” that can be used  to add the Dendroid RAT  functionality and its required  permissions to any clean APK  (Android application package) as well as access to a  sophisticated PHP-based  control panel that allows  detailed management of the  infected devices.
Dendroid’s features include  deleting call logs and files;  calling phone numbers; opening Web pages; recording calls and  audio from the microphone;  intercepting text messages;  taking and uploading photos  and videos; opening  applications and launching HTTP flood (denial-of-service) attacks for a period of time specified  by the attacker. The virus was first detected by Symantec. As per their research, “Dendroid is a HTTP RAT that is marketed as being transparent to the user and firmware interface, having a sophisticated PHP panel, and an application APK binder package.”.

The Indian Computer Emergency Response Team (CERT-IN) warned about a currently active Dendroid malware campaign that is spreading across India, targeting Android users.
"It has been reported that a malicious toolkit called DENDROID is being used to create trojanized applications that infects Android-based Smartphones. The malware is created by modifying the required permissions by any clean APK (Android Application Package) with Dendroid RAT functionality that allows detailed management of the infected devices," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory.Last month, CERT-In had warned Android Kitkat and Facebook users regarding security hacks on their mobiles. And within 30 days, this is the second such warning coming from India’s premier cyber security and investigation cell.

MEASURES TO PROTECT
*.Install applications downloaded from reputed app stores only.
*.Install apk files with utmost care as some apks might be modded by the hackers.
*.Keep updating your mobile anti-virus and Firewall solution to protect your device from malware and cyber attacks.
*.Always Check applications permissions before installing it.

CONSIDER THESE APPS TO SECURE YOUR PHONE
1.      Avast Mobile Security
2.      McAfee WaveSecure
3.      Snap Secure Mobile Security
4.      Norton Mobile Security Lite
5.      mSecure Password Manager
6.      AppScan Beta
7.      TrustGo Anti-Virus and Mobile Security
8.      Bitfinder Mobile Security


0 comments: