Kaspersky Labs has detected a Trojan targeting Android devices. The special thing about this Trojan, named Podec, is that it can fool the image verification system CAPTCHA.
Η company security firm revealed the details of what it claims is the first malware that can successfully fool the online CAPTCHA image verification system on March 10.
The Russian company recognizes malware as Trojan-SMS.Android.Podec. It was first detected by security analysts at the end of 2014, but has since been informed.
Malware Podec automatically launches CAPTCHA requests in real time to the online translation service, Antigate.com, which converts the image into text, and transfers the data back to malware within seconds. This can convince any verification system that the actions taken have been done by somebody.
The purpose of Trojan is to get money from his victims by registering thousands of infected Android users in an additional charge service, as the security company says.
According to Kaspersky, Podec targets them users of Android devices, mainly through the popular Russian social network VKontakte. But there are other sources of malware transmission, such as the domains shown in the image below.
Infection spreads through links that promise cracked versions of popular games like Minecraft Pocket Edition.
Once a device is infected, the Podec asks for device management privileges that if granted, it will be very difficult to stop or delete the victim.
In addition, the Trojan uses deceptive methods and an "expensive legal code protector" to prevent any analysis of its code.
“Το Podec σηματοδοτεί μια νέα και επικίνδυνη φάση στην εξέλιξη των κινητών malware. Είναι ύπουλο και σοφιστικέ”, δήλωσε ο διευθυντής της ερευνητικής ομάδας της Kaspersky Lab Victor Chebyshev. “The social engineering tools used to distribute it, the commercial grade of protection used to disguise the malicious code, and the sophisticated extortion process achieved by bypassing the CAPTCHA check – all lead us to suspect that this Trojan was developed by a team of Android developers who specialize in fraud and illegal monetization.”
"It is clear that Podec is being further developed, possibly by setting new goals, and we urge users to be skeptical of all the links and offers that sound too good to be true," said the researcher.
Kaspersky recommends Android device users install only apps from official stores like Google Play and avoid downloading cracked apps that are distributed for free.
