Android smartphone users in India beware as a tricky virus called ‘Dendroid’ has arrived in the country whose infection could “completely compromise” your smartphones.
The virus belongs to ‘Trojan’ family and after getting activated it has the potential to change the command and control server of your Android phone and intercept private SMSes coming in or going out.
“It has been reported that a malicious toolkit called DENDROID is being used to create trojanised applications that infects Android-based smartphones. The malware is created by modifying the required permissions by any clean APK (Android Application Package) with Dendroid RAT functionality that allows detailed management of the infected devices,” the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to Android phone users in the country.
The CERT-In is the nodal agency to combat hacking, phishing and to make strong the security-related defences of the Indian Internet domain.
The agency said upon installation of this application, a remote attacker could “completely compromise the affected Android-based smartphone and could control it remotely”. The virus has been programmed to perform a number of malicious activities.
“It can change the command and control server, delete call logs, open web pages, dial any number, record calls and audio, SMS interception, upload images and video to remote location and open an application,” the advisory said, categorising the virus as an “attack toolkit”.
It said the malware infected “is controlled by the attacker through Dendroid Toolkit. Dendroid is a HTTP RAT, having a sophisticated PHP administration panel and an application APK binder package.”
The agency has suggested some countermeasures to thwart the ill-attempts of the latest virus including keeping a check on the overall usage and any unsatisfactory rise in the user’s mobilephone bill.
“Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile antivirus solution, check for the permissions required by an application before installing. Exercise caution while visiting trusted/untrusted sites for clicking links, install Android updates and patches as and when available from Android device vendors, users are advised to use device encryption or encrypting external SD card feature available with most of the Android OS,” the agency said.
Recommended: Top 10 High-End Smartphones To Buy In India Under Rs 35,000
“It has been reported that a malicious toolkit called Dendroid is being used to create trojanised applications that infects Android-based smartphones. The malware is created by modifying the required permissions by any clean APK (Android Application Package) with Dendroid RAT functionality that allows detailed management of the infected devices,” the Computer Emergency Response Team of India (CERT-In) told in its latest advisory to Android phone users in the country.
Recommended: LG G2 Mini Global Roll-Out Officially Slated For This Month
Another malware detecting firm Symantec has also brought the malware to light by stating that it’s basically a HTTP RAT “that is marketed as being transparent to the user and firmware interface, having a sophisticated PHP panel, and an application APK binder package.”
“The APK binder used by Dendroid just so happens to share some links to the author of the original AndroRAT APK binder.”
As revealed, the virus has the capability to perform a number of unwanted malicious activities, and these include deleting call logs, calling a random phone number, intercepting text messages, automatically record calls and audio, automatically upload photos or videos, and even changing the command-and-control (C&C) server.
Recommended: Samsung Galaxy Tab 4 7.0 Leaked Online: Expected Specs
CERT-In has advised all Android owners and users to keep an eye on data usage, apart from unusual increase in mobile bills. Users are also advised keep an eye on device battery usage.
Source : gizbot.com & delhidailynews.com
