Thursday, March 27, 2014

A New 'Dendroid Virus' Threatening Indian Android Phones

By Shivam Tech | INNLIVE

VIRUS ALERT Indian cyber security sleuths have alerted users of Android smartphones about the malicious activities of a tricky virus called 'Dendroid' whose infection could "completely compromise" their personal phone device.

The virus of the Trojan family, once activated, could change the command and control server of a user's personal Android phone and intercept private SMSes coming in or going out.

"It has been reported that a malicious toolkit called DENDROID is being used to create trojanised applications that infects Android-based smartphones.
The malware is created by modifying the required permissions by any clean APK (Android Application Package) with Dendroid RAT functionality that allows detailed management of the infected devices," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to Android phone users in the country.

The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

Security experts say the virus is street-smart because it has a striking resemblance to the name Android.

The agency said upon installation of this malicious application, a remote attacker could "completely compromise the affected Android-based smartphone and could control it remotely".

The virus can perform a number of malicious activities.

"It can change the command and control server, delete call logs, open web pages, dial any number, record calls and audio, SMS interception, upload images and video to remote location and open an application," the advisory said, categorising the virus as an "attack toolkit".

It said the malware infected "is controlled by the attacker through Dendroid Toolkit. Dendroid is a HTTP RAT, having a sophisticated PHP administration panel and an application APK binder package." The agency has suggested some countermeasures to thwart the ill-attempts of the latest virus including keeping a check on the overall usage and any unsatisfactory rise in the user's mobilephone bill.

"Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile antivirus solution, check for the permissions required by an application before installing.

"Exercise caution while visiting trusted/untrusted sites for clicking links, install Android updates and patches as and when available from Android device vendors, users are advised to use device encryption or encrypting external SD card feature available with most of the Android OS," the agency said.

Android phone users, the CERT-In said, are also advised to keep an eye on data usage (application-wise usage also) and unusual increase in mobile bills and keep an eye on device battery usage (application-wise usage also).

"Avoid using unsecured and unknown Wi-Fi networks. There may be rogue Wi-Fi access points at public places used for distributing malicious applications and make a practice of taking regular backup of Android device," the advisory said.

No comments: