It’s a RAT or remote access tool. Dendroid is an Android RAT and is on sale to all comers for $300. Of course, it only “costs” that much if there’s only one victim, but this is a tool meant to be used again and again.
It looks as if Dendroid was designed with evading Play Store security in mind. Amongst its numerous features, Dendroid features some relatively simple — yet unusual — anti-emulation detection code that helps it evade detection by Bouncer, Google’s anti-malware screening system for the play store — Symantec
Fundamentally, Dendroid is designed to live on an infected Android device and can be used to steal information, monitor usage or take over the device.
The Dendroid Feature Set
— Ability to intercept and block SMS received by the target device
— Download Pictures from the target device
— Spy on the user by taking pictures or making audio and video recordings
— Download the user’s web browser history and any saved bookmarks
— Download any other accounts (email, social media, VPN) stored on the device
— Send texts as the device owner
— Record any ongoing calls
— Open a dialogue box to ask for passwords or send messages to the victim
As with the iPhone, Android security is where you find it or don’t. That is, as a practical matter the iPhone is pretty secure as a long as you don’t jailbreak and stay within Apple’s walled App Store garden.
While Android is more “open,” Dendroid is designed to infect people users that accept apps from “unknown sources,” a feature that can be turned off. If you have “unknown sources” turned on, fix that problem right now.
That, however, is not enough because, as noted above, Dendroid is designed to evade Google Play Store security.
So, the next thing you should do, according to multiple reliable sources, is get a mobile security app. Amazingly enough (sarcasm), Symantec, Lookout and a dozen other vendors will be quite happy to sell you.
Are you ready for Dendroid?