Source Code of Android RAT Dendroid Leaked Online

Posted on August 20, 2014 | External Data Leaks

From SecurityWeek.

The complete source code for the Android remote access Trojan (RAT) called Dendroid has been leaked online, which researchers from PhishLabs have found contains several vulnerabilities.

“The lack of user input validation in Dendroid’s control panel is severe, especially when you consider the level of operational security needed in even smaller crimeware campaigns,” PhishLabs Threat Analyst Paul Burbage explained in a blog post.

One of the vulnerabilities, for which PhishLabs has published a proof-of-concept, is an unsanitized user input written to a file called Panel/config.php via a POST request to Panel/applysettings.php. By rewriting the configuration file, an attacker can inject and execute arbitrary PHP code, and even make the control panel inoperable.

“In the past, malware source code leaks have spawned several variants and led to more widespread use of the crimeware features that made the original malware desirable,” Burbage explained. “When the source code for Zeus Trojan was leaked in 2011, for example, it accelerated the proliferation of features designed to bypass online banking security measures.”

Recent News

A PhishLabs report by security writer Brian Krebs was featured in a CNET article warning web users about HTTPS security fraud on the Internet.

Founder and CTO of PhishLabs John LaCour spoke with FBI Special Agent Davey Ware at the RSA Conference in San Francisco to talk about how vishing attacks work to defraud victims of their money and

Half of all phishing sites now have padlocks, but are anything but secure

Originally published in BLEEPINGCOMPUTER

Excerpt:

Charleston-based cybersecurity company is named a top employer in South Carolina.