Sign in with
Sign up | Sign in

New Tool Lets Anyone Turns Android Apps Into Malware

By - Source: Tom's Guide US | B 5 comments

Crime goes commercial: You can now buy a tool online that turns Android apps into malware in just a few simple steps.

Called Dendroid, the tool costs only $300 and comes with 24-hour support. Naturally, the developers accept Bitcoin.

MORE: Mobile Security Guide: Everything You Need to Know

First discovered by security research firm Symantec, Dendroid is a remote access tool (RAT) that "trojanizes" legitimate apps by inserting its malicious code into the application package file, or APK.

Dendroid, whose name is an adjective meaning "treelike" or "branching," can be purchased on underground online markets from a user who goes by "Soccer."  

Dendroid buyers also receive what's called an APK binder, which lets them "bind" Dendroid's functionality into the APK, thus creating an app that looks normal on the outside but is full of malware on the inside.

Criminals can then put the infected app into an Android app market, and anyone tricked into downloading and installing it will be infected. The malware can't trojanize apps that are already downloaded onto your phone.

Dendroidified apps can do just about anything a cybercriminal could want: delete the infected phone's call logs, make it secretly call specific phone numbers, open Web pages, intercept text messages and more. The malware can even access the phone's microphone and camera to silently record calls and take video and photos.

Users can control these features through a command-and-control server, which appears to be included in Dendroid's $300 price.

Mobile anti-malware developer Lookout claims that Dendroid seems designed to get its infected apps into the Google Play store, the official and  most secure Android app store.

"We only detected a single application infected with Dendroid and it has already been removed from the Play Store," Lookout said on its blog. "However, the developer’s account is still open."

Injecting app APKs with malware isn't actually that difficult; cybercriminals have been doing it manually for years. Security researchers have even found other tools like Dendroid for automating the process, most famously the free AndroRAT. But Dendroid makes it easier and more accessible than ever.

To protect against Dendroid and other trojanized apps, make sure you have robust anti-virus protection on your phone and set it to frequently scan for malicious code. You should also only download Android apps from the Google Play store — make sure that "Unknown sources" is unchecked in your security settings — and then only from legitimate developers.

Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+.  Follow us @TomsGuide, on Facebook and on Google+.

Discuss
Display all 5 comments.
This thread is closed for comments
  • 4 Hide
    amk-aka-Phantom , March 7, 2014 11:44 AM
    Quote:
    This website bans you if you mention anything to do with downloading copyrighted materials or if you talk about hackingYEThere they are posting about hacking and how for 300$ you can become a real hacker and cause damage!tomshardware = epic fail
    How is this a fail if they notify us of a real threat, tell us how easy (just $300) for any malefactor to acquire it, describe how it works and suggest what can be done to avoid being infected? No DL links have been provided to make it easier to obtain this tool and now readers know of this danger. I don't see a fail here.Though I must admit that this is annoying and I don't feel like "running an antivirus" on my phone, the poor thing is barely managing as it is (Galaxy S1 with Android 4.4) thanks to resource hog apps like FB and Skype. Antivirus will absolutely kill it. But since I don't get apps from anything but Google Play... I should be fine.
  • 4 Hide
    jarred125 , March 7, 2014 1:17 PM
    Quote:
    Quote:
    Quote:
    This website bans you if you mention anything to do with downloading copyrighted materials or if you talk about hackingYEThere they are posting about hacking and how for 300$ you can become a real hacker and cause damage!tomshardware = epic fail
    How is this a fail if they notify us of a real threat, tell us how easy (just $300) for any malefactor to acquire it, describe how it works and suggest what can be done to avoid being infected? No DL links have been provided to make it easier to obtain this tool and now readers know of this danger. I don't see a fail here.Though I must admit that this is annoying and I don't feel like "running an antivirus" on my phone, the poor thing is barely managing as it is (Galaxy S1 with Android 4.4) thanks to resource hog apps like FB and Skype. Antivirus will absolutely kill it. But since I don't get apps from anything but Google Play... I should be fine.
    1) 300$ is nothing to someone who is looking for this.2) by having an article on a mainstream site, even if no links are provided, actually promotes this product. You can find this easily by looking it up.It is a fail!
    Security through obscurity is not security, Tom's posting an article about it isn't going to hurt anything. Get over it.
  • 0 Hide
    jakjawagon , March 7, 2014 2:25 PM
    Quote:
    You should also only download Android apps from the Google Play store — make sure that "Unknown sources" is unchecked in your security settings
    Because there are absolutely no other legit Android app stores, like, for example, Amazon.
  • 0 Hide
    abbadon_34 , March 8, 2014 2:31 AM
    Is this another sponsored ad? By Apple....
  • 0 Hide
    otacon72 , March 8, 2014 1:45 PM
    Quote:
    Is this another sponsored ad? By Apple....
    You're as bright as burnt out light bulb. Truth hurts...Android is the most insecure OS in history. What's ever more shocking is that Google took an inherently secure OS and completely screwed it up.
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter