Gmail fights off Trojan spammers

16 Aug 2007

After Yahoo! and security firm BitDefender joined forces to stem the amount of fake malicious email addresses generated by Trojan.Spammer.HotLan the malware company seems to have set its sights on both Hotmail and Gmail.

The ‘captcha’ security system in operation by all major webmail providers displays an image of randomly generated numbers and letters which needs a human to type in, thus deterring spambots.

However, the Trojan spammers have found a way of getting past this, and are now creating false Hotmail and Gmail accounts from which they are sending out masses of spam.

“There were 514,000 Hotmail accounts created as of Friday 3 August, as well as about 49,000 at Google,” said head of BitDefender Antivirus Lab Viorel Canja.

“However, it is worth noting that while most of the Hotmail accounts are operational, Gmail accounts get blocked pretty fast, usually about a couple of days after being created.”

BitDefender explained that the spambots bypass Captcha by taking the image in an encrypted form and sending it to a spammer-controlled website where it is decrypted and sent back.

The newly created email addresses are then used to send great volumes of spam to databases of valid email addresses harvested from various websites.

By Marie Boran