Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder.
Thanks to the diffusion of the Google mobile OS, Android platform is considerable a privileged target for cybercriminal, it is increasing the offer in the criminal underground market for products and services to monetize illegal activities.
Dendroid is an HTTP Remote Admin Tool that is completely invisible to the user and firmware interface, the toolkit implements an application APK binder package and has a sophisticated PHP panel.
Symantec researchers discovered a link between Dendroid and AndroRAT toolkit:
” The APK binder used by Dendroid just so happens to share some links to the author of the original AndroRAT APK binder.” report the official post on Symantec blog.
Symantec experts discovered advertising for Dendroid on underground forums, the toolkit it offered by a seller Dendroid known as “Soccer”, he offers a set of features never been seen before and a 24/7 customer support. The price for Dendroid toolkit is $300, buyers can pay it through principal virtual currency schema, including Bitcoin, LifeCoin, BTC-e.
Some of the many features on offer include the following:
The evolution of remote access tools on the Android platform is considered by Symantec inevitable, the demand for this kind of toolkit is increasing and security experts believe that in 2014 the number of new malware families will increase. t.
(Security Affairs – Dendroid, mobile malware)