The first tools to inject legitimate Android apps with open-source software that allows an attacker to control an infected smartphone remotely have been found in the criminal underground.
Symantec's discovery is the latest example of a growing market in commoditized services from highly specialized suppliers, similar to what has been available for years to commandeer and profit from infected Windows PCs.
The new tool, called a binder, costs $37, and is linked to a free remote access tool (RAT) that is growing in popularity. Known as AndroRAT, the open-source software was first released in November 2012.
The binder simplifies the process of repackaging a legitimate app with AndroRAT. Once the malware makes contact with the command and control (C&C) server, a criminal can use a customer friendly control panel to monitor and make phone calls, send text messages, use the smartphone's camera and microphone, access files and get the device's GPS coordinates, Symantec said last week.
ConversionConversion EmoticonEmoticon