Sunday, April 15, 2012

Russian spam bots captcha breaking GMail


Following the burglary protection from automatic registration of mailboxes (captcha) in e-mail systems Yahoo! and Microsoft Live has learned that a similar protection in the Google Mail is also broken. Obviously, the result will be an increase in spam from addresses of the web mail.





An example of malicious code, hacking captcha Google Mail, published recently in blog security experts urs-molotoff. blogspot. com. Spammer's bot is distributed as a trojan that is infecting your computer and from there attacked Gmail - downloads a captcha to the server, the server recognizes the captcha and gives the bot, the bot records the box and starts sending spam.





In this example, hidden address of the server to which the bot asks for instructions. However, experts, intercepting the session, said ' Vebplaneta ' that spammer bot ' is tied to the site in Russian '.





Earlier in January, a kind of ' a group of Russian scientists ' reported a break- captcha- system on Yahoo! The authors hinted technologies that are ready to develop its pritorgovat.





And this week it became known about breaking similar protection in Windows Life. Until recently, the protection of these services is considered reliable, and manufacturers of spam protection did not make it in their ' black list '. Now the situation is different: if you break up anti-spam filters blocked Websense less than 100 Windows Live accounts per day, and now by the thousands.





Apparently, for the salvation of the bots mentioned Web services will have to abandon the classic visual CAPTCHAs, and a more serious ' humanity tests '. For example, when registering the user can decide to invite a few differential equations, or to ask him about how the post was called Anton Nosik in ' Yandex '.



No comments:

Post a Comment