Podec the first Trojan to bypass CAPTCHA image verification

Kaspersky Labs has detected a Trojan that targets Android devices. The particular in this Trojan, named Podec, is that it can trick the CAPTCHA image verification system.1jpg

The security company has revealed the details of what it claims to be the first malware that can successfully trick the online CAPTCHA image verification system on 10 March.

The Russian company recognizes malware as Trojan-SMS.Android.Podec. It was first detected by security analysts at the end of 2014, but has since been informed.

Malware Podec automatically launches CAPTCHA requests in real time to the online translation service, Antigate.com, which converts the image into text, and transfers the data back to malware within seconds. This can convince any verification system that the actions taken have been done by somebody.

The purpose of Trojan is to get money from his victims by registering thousands of infected Android users in an additional charge service, as the security company says.

According to Kaspersky, Podec is targeting users of Android devices, mainly via the popular Russian social network VKontakte. However, there are other sources of malware transmission, such as the domains shown in the figure below.podec

Infection spreads through links that promise cracked versions of popular games like Minecraft Pocket Edition.

Once a device is infected, the Podec asks for device management privileges that if granted, it will be very difficult to stop or delete the victim.

In addition, the Trojan uses deceptive methods and an "expensive legal code protector" to prevent any analysis of its code.

"Podec marks a new and dangerous phase in the evolution of mobile malware. It is insidious and sophisticated, "said Victor Chebyshev, director of Kaspersky Lab's research team. "The social engineering tools used to distribute it, the commercial degree of protection used to cover up malicious code, and the complex blackmail process achieved by bypassing CAPTCHA control - all lead us to suspect that this Trojan was developed. by a team of Android developers specializing in fraud and illegal monetization. ”

"It is clear that Podec is being further developed, possibly by setting new goals, and we urge users to be skeptical of all the links and offers that sound too good to be true," said the researcher.

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.

Kaspersky recommends Android device users install only apps from official stores like Google Play and avoid downloading cracked apps that are distributed for free.

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news