A virus from deadly 'Trojan' family is threatening Android phones in India - Financial Express ~ Electronic Gadgets

PTI | New Delhi | Updated: Mar 26 2014, 16:19 IST

Once activated, 'Dendroid' virus could change the command and control server of a user's personal Android phone and intercept private SMSes.

SummaryThe virus of deadly 'Trojan' family could control server of a user's personal Android phone.

Indian cyber security sleuths have alerted users of Android smartphone about the malicious activities of a tricky virus called 'Dendroid' whose infection could "completely compromise" their personal phone device.

The virus of the deadly 'Trojan' family, once activated, could change the command and control server of a user's personal Android phone and intercept private SMSes coming in or going out.

"It has been reported that a malicious toolkit called DENDROID is being used to create trojanised applications that infects Android-based smartphones. The malware is created by modifying the required permissions by any clean APK (Android Application Package) with Dendroid RAT functionality that allows detailed management of the infected devices," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to Android phone users in the country.

The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

Security experts say the virus is street-smart because it has a striking resemblance to the name Android.

Google Android

The agency said upon installation of this malicious application, a remote attacker could "completely compromise the affected Android-based smartphone and could control it remotely".

The virus can perform a number of malicious activities.

"It can change the command and control server, delete call logs, open web pages, dial any number, record calls and audio, SMS interception, upload images and video to remote location and open an application," the advisory said, categorising the virus as an "attack toolkit".

It said the malware infected "is controlled by the attacker through Dendroid Toolkit. Dendroid is a HTTP RAT, having a sophisticated PHP administration panel and an application APK binder package."

The agency has suggested some countermeasures to thwart the ill-attempts of the latest virus including keeping a check on the overall usage and any unsatisfactory rise in the user's mobilephone bill.

"Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile antivirus solution, check for the permissions required by an application