English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Spammers Crack Microsoft’s CAPTCHA to Push Spam

According to security company Websense, spammers have managed to crack Google's Gmail and Microsoft's Hotmail service by using anti-CAPTCHA tools. The company's security experts state that CAPTCHA is a kind of challenge-response check used to ensure that only a human being generates the response and not a computer.

Furthermore, to crack CAPTCHA, spammers have set up automated bots, which are made not only to create and register random Hotmail accounts, but also simultaneously use these newly-created accounts to send spam messages from a proper Live Hotmail service.

The security specialists further reveal that the story of the downtrend in CAPTCHA's efficiency is an ongoing issue in 2008, as malware authors and hackers found methods to breach the security system's protection.

Moreover, in wake of two major Webmail providers again become vulnerable, CAPTCHA security is clearly not fulfilling the security requirements of either provider, and probably it is time to review the use of CAPTCHA.

The specialists explained that for Windows Live Hotmail, the bot starts its activity by attaching itself to Internet Explorer and interacting with the Hotmail sign-up servers. Meanwhile, the anti-CAPTCHA software contains a package of account identities, which it tries to use for starting the account creation. The series of account identities is presumably updated regularly, with accounts that work, kept intact and pre-existing or unacceptable accounts deleted.

Moreover, once spammers crack the CAPTCHA and create an account, e-mail IDs are entered and spam mails are sent followed by the logging out of the bots so that the whole process can be repeated

Furthermore, the security experts at Websense disclosed that the criminals had used the XRumer project to fool the CAPTCHA systems in Gmail. XRumer is a program to spam blogs and designed to con multiple CPATCHA systems. Once this project is successfully registered, it uses ways to bypass human detection such as posting a harmless query regarding a particular service or product.

Meanwhile, the specialists revealed that CAPTCHA-cracking is a massive business in countries like India, where employees enter thousands of CAPTCHAs every day for a very small sum of money per CAPTCHA successfully decoded.

» SPAMfighter News - 13-10-2008

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>