Kaspersky Labs has detected a Trojan targeting Android devices. The special thing about this Trojan, named Podec, is that it can fool the verification system pictures CAPTCHA.
The security company has revealed the details of what it claims to be the first malware that can successfully trick the online CAPTCHA image verification system on 10 March.
The Russian company recognizes malware as Trojan-SMS.Android.Podec. It was first detected by security analysts at the end of 2014, but has since been informed.
Το κακόβουλο λογισμικό Podec προωθεί αυτόματα τα requests CAPTCHA σε πραγματικό χρόνο στην online υπηρεσία μετάφρασης, Antigate.com, η οποία μετατρέπει την εικόνα σε κείμενο, και μεταφέρει τα data back to malware in seconds. Thus it can convince any verification system that the actions performed were done by a human.
The purpose of Trojan is to get money from his victims by registering thousands of infected Android users in an additional charge service, as the security company says.
According to Kaspersky, Podec is targeting users of Android devices, mainly via the popular Russian social network VKontakte. However, there are other sources of malware transmission, such as the domains shown in the figure below.
Infection spreads through links that promise cracked versions of popular games like Minecraft Pocket Edition.
Once a device is infected, the Podec asks for device management privileges that if granted, it will be very difficult to stop or delete the victim.
In addition, the Trojan uses deceptive methods and an "expensive legal code protector" to prevent any analysis of its code.
"Podec marks a new and dangerous phase in the evolution of mobile malware. It is insidious and sophisticated, "said Victor Chebyshev, director of Kaspersky Lab's research team. "The social engineering tools used to distribute it, the commercial degree of protection used to cover up malicious code, and the complex blackmail process achieved by bypassing CAPTCHA control - all lead us to suspect that this Trojan was developed. by a team of Android developers specializing in fraud and illegal monetization. ”
"It is clear that Podec is being further developed, possibly by setting new goals, and we urge users to be skeptical of all the links and offers that sound too good to be true," said the researcher.
Kaspersky recommends that users of Android devices only install applications that come from official stores like Google Play, and avoid downloading cracked apps that are distributed for free.