Malware that breaks through "CAPTCHA" that inputs distorted letters and numbers appears and what kind of mechanism is it?

ByJD

The authentication tool for entering distorted letters and numbers displayed on the input form or account creation screen is "CAPTCHA"is. This is a human beingBotAlthough it is a character input test made to distinguish between, it became clear that the latest malware breaks even this CAPTCHA.

Kaspersky Lab discovers Podec: the first Trojan to trick CAPTCHA into thinking its human | Kaspersky Lab
http://www.kaspersky.com/about/news/virus/2015/Kaspersky-Lab-discovers-Podec-first-Trojan-to-trick-CAPTCHA-into-thinking-its-human

CAPTCHA is a kore that comes up when trying to create an account on the Internet or entering text on an input form.


I discovered malware that breaks this character input of CAPTCHA because Russian security software development companyKasperskyA security analyst working in the research laboratory. The name of the malware is "Trojan-SMS.AndroidOS.Podec (Podec)", which is aimed at Android terminals. It was around the end of 2014 that this malware was discovered for the first time, after that, it seems that it evolved while repeating multiple updates.

How about Podec breaking through CAPTCHA's character input, the first service to convert images to text "Antigate.Com"CAPTCHA image will be sent to. Then, in Antigate.Com, letters and numbers in the image are converted into text by human input, so Podec inputs it and it breaks through the CAPTCHA system dramatically.

The purpose of this malware is "getting infected Android terminal to register for paid service etc." It seems that you get money by this unauthorized registration.

ByIntel Free Press

Kaspersky Security Software "Kaspersky Security NetworkAccording to the information collected using Podec, popular SNS in Russia "VKontakteIn many cases it is infected with Android devices through. A summary of Podec infection routes seems to spread through domains such as "apk-downlad3.ru" and "happynewyearmafaka.net" in the graph below, but the number of users infected via VKontakte (vk.com) It is obvious that there are so many.


How to install Podec from these domains on Android device is "Minecraft Pocket EditionKaspersky Security Analyst is analyzing whether it is called a crack version of a popular game such as "Android users are installing it based on the link.

Link to the crack version Minecraft Pocket Edition actually put in VKontakte.


In addition, once you give Podec administrator privileges, execution stoppage and deletion are likely to be impossible, and it became clear that Podec makes full use of state-of-the-art technology to prevent code analysis It is. As you can see, Podec is known to be a very sophisticated malware, and Kaspersky analysts comment, "It can be said that a lot of time would have been spent on development."

At the moment, it seems that only Russian Android users are suffering from Podec, so when using Kaspersky security application, it seems to be securely protected from this Podec. Another way to avoid Podec by other Android users is "Do not install applications outside of Google Play".