Former security intern admits developing super-stealthy Android spyware
Ars Technica 2015-08-27
A former intern at security firm FireEye has admitted in federal court that he designed a malicious software tool that allowed attackers to take control of other Android phones so they could spy on their owners.
Morgan Culbertson, 20, pleaded guilty to federal charges involving Dendroid, a software tool that provided everything needed to develop highly stealthy apps that among other things took pictures using the phone's camera, recorded audio and video, downloaded photos, and recorded calls. According to this 2014 blog post from Android security firm Lookout, at least one app built with Dendroid found its way into the official Google Play market, in part thanks to code that helped it evade detection by Bouncer, Google’s anti-malware screening system.
Culbertson, who last month was one of 70 people arrested in an international law enforcement sting targeting the Darkode online crime forum, said in a LinkedIn profile that he spent four months at FireEye. While there, he said, he "improved Android malware detection by discovering new malicious malware families and using a multitude of different tools." He was also a student at Carnegie Mellon University.