Podec: First Trojan to trick CAPTCHA into thinking it's human

(Ping! Zine Web Hosting Magazine) – Kaspersky has discovered Podec, the first malware to successfully outwit the CAPTCHA image recognition system. The Trojan has developed a technique to convince CAPTCHA it is a person in order to subscribe thousands of infected Android users to premium-rate services.

Commenting on this, Lancope CTO, TK Keanini, said:

“I think this is a great example of how security is a game of innovation. Each side coevolves with one another. In all defensive measures it is only a matter of time before they are defeated through the innovation of the attacker. The defender then must go back and innovate more countermeasures and round and round we go.

The reason we will see more machine-to-machine attacks is because of the fact that there are just more machine-to-machine communications in architectures these days, driven by the growth of cloud infrastructure supporting mobile and also by IoT architecture.

We must go back and remember why CAPTCHA countermeasures were invented. Originally a countermeasure to kill attackers’ automation and force them to scale back to manual and human-assisted techniques. In other words, successful machine-to-machine automation needed to be defeated in this stage of the process.”