New Android "RAT" infects Google Play apps, turning phones into spyware zombies

The practice of selling such a malware package targeting Android is so common it has a pet name among security researchers: an "Android RAT," for Remote Administration Tool.

However, the latest RAT is raising eyebrows in the security community because of its low cost (just $300 for unlimited use, paid for via untraceable currencies such as Bitcoin) and its ability to sneak past Google's automated malware scanner in the Google Play app market, where legitimate appearing, RAT-infected apps can hide out undetected.

Dendroid infects Google Play, gnaws at user data
RAT infected Android devices can be remotely zombified by the perpetrator, allowing virtually unlimited access to photos, data and messages on the device. The Dendroid RAT provides full access to infected devices' camera and microphone, and can place calls or listen in on a user's phone conversations or text messages.

Distributing Dendroid is easy because, as a report by security firm Lookout stated, "it looks as if Dendroid was designed with evading Play Store security in mind."

The firm noted that, "Amongst its numerous features, Dendroid features some relatively simple — yet unusual — anti-emulation detection code that helps it evade detection by Bouncer, Google's anti-malware screening system for the play store."

How to avoid Dendroid
Android users can adopt the same protections that Windows PC users did during the malware crisis that plagued Microsoft's platform ten years ago. That includes not installing apps from untrusted sources and installing third party malware scanner tools.

Over the past ten years however, a significant portion of Windows users have simply switched from the wide open, malware saturated Windows platform to Apple's Macs and iOS devices. Macs never became a significant malware target, an advantage Apple advertised and worked to preserve.

When it introduced iOS in 2007, Apple incorporated a new security model that attempted to destroy the low hanging fruit supporting the malware market on previous mobile devices.

0 Comment "New Android "RAT" infects Google Play apps, turning phones into spyware zombies"

Post a Comment