Spammers bypass captcha system

6 Jul 2007

A new type of Trojan horse is using Hotmail and Yahoo! accounts to send email spam, security firm BitDefender has warned.

The Trojan.Spammer.HotLan.A malware uses automatically-generated accounts, suggesting that spammers have found a way to bypass the captcha systems, whereby new accounts aren’t created until the creator guesses correctly which letters are depicted in an image.

Every copy of the Trojan Horse accesses an account, pulls encrypted spam emails from a website, decrypts them and sends them to email addresses taken from yet another website.

“There are only about 500 or so new accounts being created every hour but still we’ve seen 15,000-plus Hotmail accounts being used so far. It’s hard to estimate how many spam emails have already been sent,” commented Viorel Canja, head of BitDefender Antivirus Lab.

The spam email currently being distributed is trying to lead users to a site that advertises pharmacy products. Common spammer techniques are used in the email body, such as bayesian poisoning and a random email subject.

By Niall Byrne