Trojan Uses Hotmail, Yahoo As Spam Hosts
On July 5, 2007, BitDefender Labs cautions about a new threat called Trojan.Spammer.Hotlan.A, which uses the accounts of yahoo and hotmail for sending spam mails.
This Trojan uses automatically generated accounts, which suggest that the spammers have found a method of surpassing the captcha systems, in which the new accounts are not made till the creator guesses correctly the letter showed in an image. Each copy of a Trojan uses an account, then takes out encrypted spam emails from a website, decrypts them and send them back to the addresses taken from another website.
As soon as an illegal account is created, the method remains completely traditional. The trojans will take encrypted spam mails on Internet site, decrypted them and finally send them to the addresses which were taken from another websites.
If by chance this malware will spread, it will be able to access automatically generated accounts. Interestingly, the accounts of Yahoo and Hotmail are protected by a protection system from captcha type, which demands that the user should seize a succession of natures contained in an image.
The spam email, which is presently in use, leads the users to a site that publishes products of pharmacy. Bayesian poisoning and a random email subject are the common spammer techniques being used in the body of the email.
According to the Head of BitDefender Antivirus Lab, Viorel Canja, there are almost 500 new accounts of mail created every hour out of which it becomes difficult to differentiate which one is a 'spam'. More than 15,000 Hotmail accounts have been being accessed so far. Further, it appears very difficult to collect the number of spam mails that are already sent, as published by TMS Net on July 5, 2007.
Canja continues by saying that many users still don't use anti-virus protection. And, if the virus continues to find new hosts, it's not easy to remove it, as per the news published by VNunet.com on July 3, 2007.
Related article: Trojans to Target VoIP in 2006
» SPAMfighter News - 19-07-2007