Malware on Android, though controversial, isn’t exactly a new topic. But seeing a complete development suite that helps others create malware that has managed to evade Google Play Store’s security is definitely an alarming development.
Mobile security expert Lookout is going to great lengths to explain the case of Dendroid, which brands itself as an HTTP Android Remote Administration Tool. The professional-sounding phrase is just a sugary way to say that it is a remote access toolkit that gives miscreants the tools to take control of someone’s device, resources, and data. What’s more, it is actually a tool that helps other people create malware that can then be installed on others’ Android smartphones.
Unlike other malware toolkits in the market, Dendroid offers the whole shebang of capabilities, including intercepting and sending messages, taking videos or photos, acquiring browser history and data, recording calls, and more. All without the user knowing, of course. What’s more, Dendroid makes the process completely stress-free for the malicious wannabe. All of these features and conveniences come with a single $300 lifetime purchase, made with Bitcoins for the ultimate anonymity.
What is even more worrying is that Dendroid boasts it can help evade Bouncer, Google Play Store’s automated anti-malware checker. Dendroid employs an anti-emulation mode that doesn’t execute known bad code so as not to trigger Bouncer’s alarms. So far, only one piece of malware created with the help of Dendroid has been found; it was reported and promptly taken down.
The growing sophistication and brazenness of tools that simplify the malware creation process are quite worrying, and Lookout reminds Android users to exercise due diligence in keeping their devices and data safe. It probably wouldn’t hurt to have Lookout’s security app installed as well.