[pchelpers] News:Spammers crack Gmail Captcha

• From: John Durham <john.modec@xxxxxxxxxx>
• To: PC-Helpers <pchelpers@xxxxxxxxxxxxx>
• Date: Tue, 26 Feb 2008 08:17:53 +1300

Fresh fruit for rotting vegetables
By John Leyden
Published Monday 25th February 2008 17:10 GMT


Spammers, fresh from the success of cracking the Windows Live captcha
used by Hotmail, have broken the equivalent system at Gmail.

Internet security firm Websense reports that miscreants have created
bots which are capable of signing up and creating random Gmail accounts
for spamming purposes, defeating Captcha-based defences in the process.
It reckons the same group of spammers are behind both attacks.

Captcha (Completely Automated Public Turing test to tell Computers and
Humans Apart) challenge-response systems, which are used to prevent
accounts being created until a user correctly identifies letters in an
image, are designed to ensure requests are made by a human rather than
an automated program. The technique has been used to defeat automatic
sign-ups to email accounts by services including Yahoo! Mail and Gmail
for years, and hackers are increasingly successful in defeating the
approach. For example, the HotLan Trojan has created more than 500,000
spam email accounts with Hotmail, Yahoo! and Gmail since its arrival
back in July 2007.

Websense reckons the latest Gmail Captcha hack is the most sophisticated
it has seen to date. Unlike Live Mail Captcha breaking, which involved
just one zombie host doing the entire job, the Gmail breaking process
involves two compromised hosts. Each of the two compromised hosts
applies a slightly different technique to analysing Captcha, as
explained in a posting by Websense.

More here:
http://www.theregister.co.uk/2008/02/25/gmail_captcha_crack/
-- 
John Durham
Site http://modecideas.com
Server hosted on Ubuntu 4.10
Good advice is like good paint. It only works when applied.



-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription