English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

SPAMfighter is

Microsoft Gold Certified Partner

SPAMfighter also

Works with Windows Vista

SPAMfighter Exchange Module is Microsoft certified ".net connected".

Microsoft .NET Connected

Spammers Crack Microsoft’s CAPTCHA to Push Spam

According to security company Websense, spammers have managed to crack Google's Gmail and Microsoft's Hotmail service by using anti-CAPTCHA tools. The company's security experts state that CAPTCHA is a kind of challenge-response check used to ensure that only a human being generates the response and not a computer.

Furthermore, to crack CAPTCHA, spammers have set up automated bots, which are made not only to create and register random Hotmail accounts, but also simultaneously use these newly-created accounts to send spam messages from a proper Live Hotmail service.

The security specialists further reveal that the story of the downtrend in CAPTCHA's efficiency is an ongoing issue in 2008, as malware authors and hackers found methods to breach the security system's protection.

Moreover, in wake of two major Webmail providers again become vulnerable, CAPTCHA security is clearly not fulfilling the security requirements of either provider, and probably it is time to review the use of CAPTCHA.

The specialists explained that for Windows Live Hotmail, the bot starts its activity by attaching itself to Internet Explorer and interacting with the Hotmail sign-up servers. Meanwhile, the anti-CAPTCHA software contains a package of account identities, which it tries to use for starting the account creation. The series of account identities is presumably updated regularly, with accounts that work, kept intact and pre-existing or unacceptable accounts deleted.

Moreover, once spammers crack the CAPTCHA and create an account, e-mail IDs are entered and spam mails are sent followed by the logging out of the bots so that the whole process can be repeated

Furthermore, the security experts at Websense disclosed that the criminals had used the XRumer project to fool the CAPTCHA systems in Gmail. XRumer is a program to spam blogs and designed to con multiple CPATCHA systems. Once this project is successfully registered, it uses ways to bypass human detection such as posting a harmless query regarding a particular service or product.

Meanwhile, the specialists revealed that CAPTCHA-cracking is a massive business in countries like India, where employees enter thousands of CAPTCHAs every day for a very small sum of money per CAPTCHA successfully decoded.

» SPAMfighter News - 13-10-2008

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird - Read more

Slow PC? Try SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now.

 

Exchange spam filter

SPAMfighter Exchange Module is a spam/virus filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial

<<<>>>