Dendroid (malware)

Dendroid is malware that affects Android OS and targets the mobile platform.

It was first discovered in early of 2014 by Symantec and appeared in the underground for sale for $300. Certain features were noted as being used in Dendroid, such as the ability to hide from emulators at the time. When first discovered in 2014 it was one of the most sophisticated Android remote administration tools known at that time. It was one of the first Trojan applications to get past Google's Bouncer and caused researchers to warn about it being easier to create Android malware due to it. It also seems to have followed in the footsteps of Zeus and SpyEye by having simple-to-use command and control panels. The code appeared to be leaked somewhere around 2014. It was noted that an apk binder was included in the leak, which provided a simple way to bind Dendroid to legitimate applications.

It is capable of:


 * Deleting call logs
 * Opening web pages
 * Dialing any number
 * Recording calls
 * SMS intercepting
 * Uploading images and video
 * Opening an application
 * Performing denial-of-service attacks
 * Changing the command and control server