If you’ve ever signed up for an account at almost any site, you’ve probably run into CAPTCHAs: those distorted letters meant to distinguish humans from bots. They may no longer be a reliable way of weeding out bots. Kaspersky Lab, the Russian security firm, says it has found a new Trojan infecting Android devices that can get past CAPTCHA verification.

The Trojan, known as Podec, has no advanced AI for solving CAPTCHAs. It simply forwards each CAPTCHA image to Antigate, an online service that uses human labour to decode a massive number of CAPTCHAs every day. The trick is neat mainly because it had not been seen in a malicious program before; now that the idea is widely known, it would be trivial to duplicate. The method is not free, but it is close: Antigate charges about $0.70 per 1,000 CAPTCHAs decoded, which works out to less than a tenth of a cent per solve. Anyone willing to spend a little money can build a bot that beats CAPTCHAs, so a CAPTCHA on its own raises an attacker's cost only marginally and needs to be backed by other controls, such as limiting how many signups a single source can make.
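The following is an added simulation of the relay scheme described above, written for this page; it is not Podec's code and does not use Antigate's real API. The solving service, its answer table, the signup endpoint, the source address and the per-source cap are all constructed stand-ins so the script runs offline. It shows both sides of the exchange (upload, poll until a worker has answered, pay per solve) and why the site's own controls, not the CAPTCHA, decide how many accounts the bot actually gets.

```python
"""Simulation of the CAPTCHA-relay scheme: a bot ships each CAPTCHA image to a
human-labour solving service, polls for the answer, pays per solve, and uses
the answer to register accounts. Everything here is constructed for the
example (the solver, its answer table, the signup endpoint and the source
address are stand-ins, not Podec's code or Antigate's real API)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional
import secrets

PRICE_PER_1000 = 0.70   # USD per 1,000 solves, the figure quoted in the article

# Constructed CAPTCHA "images": the bytes stand in for a PNG, the value is the
# text a human worker would type back for it.
WORKER_ANSWERS: Dict[bytes, str] = {
    b"png:cZ7kQ": "cZ7kQ",
    b"png:m4XpL": "m4XpL",
    b"png:9hTwE": "9hTwE",
}


@dataclass
class SolverService:
    """Stand-in for the solving service: upload an image, poll until a worker
    has typed the answer, get charged per solved image."""
    polls_before_ready: int = 2             # worker latency, as poll rounds
    solved: int = 0
    _tasks: Dict[str, dict] = field(default_factory=dict)

    def submit(self, image: bytes) -> str:
        task_id = secrets.token_hex(4)
        self._tasks[task_id] = {"image": image, "polls": 0}
        return task_id

    def result(self, task_id: str) -> Optional[str]:
        task = self._tasks[task_id]
        task["polls"] += 1
        if task["polls"] < self.polls_before_ready:
            return None                     # not ready yet, caller re-polls
        self.solved += 1
        return WORKER_ANSWERS[task["image"]]

    @property
    def spent_usd(self) -> float:
        return round(self.solved * PRICE_PER_1000 / 1000, 4)


@dataclass
class SignupEndpoint:
    """The abused site. It issued the image, so it knows the expected text.
    max_per_source is the extra control the CAPTCHA alone does not give."""
    max_per_source: Optional[int] = None
    accounts: List[str] = field(default_factory=list)
    _per_source: Dict[str, int] = field(default_factory=dict)

    def challenge(self) -> bytes:
        return secrets.choice(list(WORKER_ANSWERS))

    def signup(self, source: str, image: bytes, answer: str) -> bool:
        if answer != WORKER_ANSWERS[image]:
            return False                    # CAPTCHA failed
        if self.max_per_source is not None:
            seen = self._per_source.get(source, 0)
            if seen >= self.max_per_source:
                return False                # velocity cap; CAPTCHA irrelevant
            self._per_source[source] = seen + 1
        self.accounts.append(f"user{len(self.accounts) + 1}@{source}")
        return True


def run_bot(endpoint: SignupEndpoint, solver: SolverService,
            source: str, attempts: int) -> dict:
    """Relay loop: fetch CAPTCHA, outsource it, poll, submit the answer."""
    created = 0
    for _ in range(attempts):
        image = endpoint.challenge()
        task_id = solver.submit(image)
        answer = solver.result(task_id)
        while answer is None:               # worker still typing
            answer = solver.result(task_id)
        if endpoint.signup(source, image, answer):
            created += 1
    return {"attempts": attempts, "created": created,
            "cost_usd": solver.spent_usd}


if __name__ == "__main__":
    # CAPTCHA only: every attempt succeeds, for a fraction of a cent each.
    print(run_bot(SignupEndpoint(), SolverService(), "203.0.113.7", 500))
    # Same bot against a per-source cap: it still solves (and pays for) every
    # CAPTCHA, but only max_per_source accounts get through.
    print(run_bot(SignupEndpoint(max_per_source=5), SolverService(),
                  "203.0.113.7", 500))
```

Run it and the first line reports 500 accounts for $0.35; the second reports the same spend but only 5 accounts, because the cap does not care whether the CAPTCHA was solved by a human, a relay or anything else. The real-world latency of a human worker is modelled only as a couple of poll rounds, which is enough to show the shape of the exchange.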

Podec is not just a harmless novelty; it puts its CAPTCHA-beating capability to malicious use. The Trojan signs infected Android users up for premium-rate services, which can end up costing them a lot of money. It is being spread primarily through the Russian social networking site VKontakte: devices are infected when a user follows links promising cracked versions of games such as Minecraft. Once installed, Podec requests device-administrator privileges which, if granted, make it extremely hard to disable or uninstall, since Android will not remove an app until its administrator rights have been revoked.

The researchers at Kaspersky are also concerned that the Trojan uses a commercial-grade code obfuscator, which makes analysing its code far harder. Based on the expensive obfuscation and the Trojan’s clever CAPTCHA-beating technique, they believe it is being developed by an experienced team of Android developers who specialise in fraud. Their advice to Android users is to avoid clicking links to offers that seem too good to be true; refusing device-administrator rights to apps that have no obvious need for them is a sensible addition.

