Kaspersky Labs has detected a Trojan that targets Android devices. The particular in this Trojan, named Podec, is that it can trick the CAPTCHA image verification system.
The security company has revealed the details of what it claims to be the first malware that can successfully trick the online CAPTCHA image verification system on 10 March.
The Russian company recognizes malware as Trojan-SMS.Android.Podec. It was first detected by security analysts at the end of 2014, but has since been informed.
Malware Podec automatically launches CAPTCHA requests in real time to the online translation service, Antigate.com, which converts the image into text, and transfers the data back to malware within seconds. This can convince any verification system that the actions taken have been done by somebody.
The purpose of Trojan is to get money from his victims by registering thousands of infected Android users in an additional charge service, as the security company says.
According to Kaspersky, Podec is targeting users of Android devices, mainly via the popular Russian social network VKontakte. However, there are other sources of malware transmission, such as the domains shown in the figure below.
The infection is spread through links that promise cracked versions of popular games such as Minecraft pocket edition.
Once a device is infected, the Podec asks for privileges managementof the device that, if administered, would be very difficult for the victim to stop or delete.
In addition, the Trojan uses deceptive methods and an "expensive legal code protector" to prevent any analysis of its code.
“Το Podec σηματοδοτεί μια νέα και επικίνδυνη φάση στην εξέλιξη των κινητών malware. Είναι ύπουλο και σοφιστικέ”, δήλωσε ο διευθυντής της ερευνητικής ομάδας της Kaspersky Lab Victor Chebyshev. “Τα εργαλεία κοινωνικής μηχανικής που χρησιμοποιούνται για την διανομή του, ο εμπορικός βαθμός protectionς που χρησιμοποιείται για να συγκαλύψει τον κακόβουλο κώδικα, και η πολύπλοκη διαδικασία του εκβιασμού που επιτυγχάνεται με την παράκαμψη του ελέγχου CAPTCHA – όλα μας οδηγούν να υποπτεύόμαστε ότι αυτό το Trojan αναπτύχθηκε από μια ομάδα προγραμματιστών Android που ειδικεύονται στην απάτη και την παράνομη νομισματοποίηση.”
"It is clear that Podec is developing further, possibly setting new targets, and we urge users to be skeptical of all connections and offers that sound too good to be true," said the researcher.
Η Kaspersky συνιστά στους χρήστες συσκευών Android να εγκαθιστούν μόνο εφαρμογές που προέρχονται από τα επίσημα καταστήματα όπως το Google Play, και να αποφύγουν τη λήψη cracked εφαρμογών που διανέμονται free.