PC Stripper Fools Surfers into Spreading Spam

The writer of a new Trojan horse is claiming that e-mail users will ignore security for sex. A new Windows game has been created by spammers that exhibit a woman stripping off when users accurately type in text displayed in an associated image.

The malicious software, a new innovation, takes the shape of curvy "Melissa", an appealing, scantily dressed blonde who asks for the victim's help in undressing her. The trick employed by this scam is that every time the user solves a CAPTCHA code, an additional piece of clothing rips off "Melissa" figure. TrendMicro, an anti-virus firm, has identified the malware as TROJ_CAPTCHAR.A.

CAPTCHAs, expanded to "Completely Automated Public Turing test to tell Computers and Humans Apart", are those meandering alpha-numeric clusters that free Webmail service providers like Yahoo! ask the user to enter for opening a new e-mail account. Webmail providers use CAPTCHAs to restrict spammers from creating hundreds or thousands of auto-generated fake accounts. The new accounts, which are not yet logged in by anti-spam filters, are used for garbage-dumping by spammers.

The images doled out by the "Melissa" malware are CAPTCHAs spawned by Webmail registration method of Yahoo!. Thus, every time a victim takes off an outfit from her, spammers are able to generate yet another e-mail account.

Mr. Raimund Genes, Chief Technology Officer at Trend Micro, informed that earlier, viruses have fooled people into opening conning attachments with false promises of containing explicit images, but this was the first of its kind by actually showing people more images if they responded, reported BBC NEWS on October 30, 2007.

The two Internet security firms, Trend Micro and Panda Security, who have spotted the virus, believe that only few people have fell prey to it as not many of its copies have been found in the wild.

A Marketing Director at Sendmail said that in 2005, spammers targeted challenge-response e-mail systems, in which users were asked to respond to a challenge question for delivering the sender's message. spammers posted challenge questions on pornographic Websites and offered access to it by responding to the challenge question, thus delivering the spam.

Related article: PC-Virus of 2005 Threatening Japanese Bank Accountholders, Warns Symantec

» SPAMfighter News - 11/21/2007