|
|
| Page 1 of 1 |
kumkss
Posts: 4835
Location: Chile
|
 Posted: Wed, 11th Jul 2007 07:00 Post subject: Spammers overcome Hotmail and Yahoo CAPTCHA systems |
|
 |
| Quote: | It appears that spammers have found a way of automatically creating Hotmail and Yahoo email accounts, having already created more than 15,000 bogus Hotmail accounts, according to security company BitDefender.
Both Microsoft and Yahoo use "captcha" systems to stop email accounts from being automatically generated; accounts aren't created until a new user correctly identifies letters depicted in an image. CAPTCHA systems are designed to ensure that the letters are not easily recognized by machines.
BitDefender says that a new threat, dubbed Trojan.Spammer.HotLan.A, is using automatically generated Yahoo and Hotmail accounts to send out spam email, which suggests that spammers have found a way to overcome Microsoft's and Yahoo's CAPTCHA systems.
According to BitDefender, every active copy of the Trojan accesses an email account, then pulls encrypted spam e-mails from a website, decrypts them and sends them to presumably valid addresses taken from yet another website.
The spam e-mail currently being distributed is trying to lead users to a site that advertises pharmacy products. Common spammer techniques are used in the e-mail body, such as bayesian poisoning and a random e-mail subject.
"There are only about 500 or so new accounts being created every hour," said Viorel Canja, the head of the BitDefender Antivirus Lab.
"But still, we've seen 15,000+ Hotmail accounts being used so far. It's hard to estimate how many spam e-mails have already been sent."
BitDefender claims to be the first security company to detect Trojan.Spammer.HotLan.A and add a signature. |
http://tech.blorge.com/Structure:%20/2007/07/08/spammers-overcome-hotmail-and-yahoo-captcha-systems/
always fun to get some news... 
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 18th Jul 2007 13:31 Post subject: |
|
|
It's not that difficult to train a system (a neural network is great at transpositions, where other systmes might be better at char recognition) to read and understand captchas maybe 1 in 10 times. Especially considering that hotmail is using quite simple captchas so that people actually are able to read them. The basic idea of a secure system for such mega sites is rotating generating algorithm.
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 18th Jul 2007 14:50 Post subject: |
|
|
you can automatically recognize every image. bets way to defend is to chance the type of images each day (then it needs to be programmed all over again to be able to automatically read it)
|
|
| Back to top |
|
|
javlar
Posts: 1921
Location: Kalmar, Sweden
|
| Posted: Wed, 18th Jul 2007 21:09 Post subject: |
|
|
I can hardly read those damn letters most times. A friend of mine is colorblind and he pretty much cant read any of the newer ones
Gaming - Intel Quad Q9450 @ 3.2GHZ | Radeon HD 4870 X2 2GB | SB X-Fi | PC6400 8GB | 300GB Velociraptor
HTPC - Antec Fusion Remote | AMD Athlon 7850 X2 | PC6400 2GB | 74GB Raptor
Server - Athlon 64 X2 4200+ | Radeon HD 3450 | SB X-Fi | PC5300 2GB | 4TB+ total space
XBOX360 Gamertag: javlarmate
|
|
| Back to top |
|
|
|
|
| Posted: Thu, 19th Jul 2007 02:21 Post subject: |
|
|
I can hardly read some of them too.
|
|
| Back to top |
|
|
|
|
| Posted: Sat, 21st Jul 2007 01:39 Post subject: |
|
|
they shoud generate these texts in a real time 3D text box,well a plugin will be required,but I guess no machine will be able to read this.
|
|
| Back to top |
|
|
spankie
VIP Member
Posts: 2958
Location: Belgium
|
| Posted: Mon, 23rd Jul 2007 00:53 Post subject: |
|
|
a pc can always be trained to recognize if a human brain can recognise it.
And a pc never has a bad day, a headache, typos etc...
|
|
| Back to top |
|
|
| Page 1 of 1 |
All times are GMT + 1 Hour |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group
|
|
 |
|
