Tuesday, July 10, 2007

Spammers Automatically Creating Hotmail And Yahoo Accounts

BitDefender researchers found that spammers are easily bypassing the captcha system, to automatically set up new e-mail accounts to use to send out waves of spam.

By Sharon Gaudin, InformationWeek
Spammers have a new trick up their sleeves. According to researchers at BitDefender Labs, spammers are automatically creating Yahoo and Hotmail accounts, and using a Trojan to help them send waves of spam. The spammers, according to the security company, have figured out how to outwit the "captcha" security system. That's the one which won't allow a new e-mail account to be created until the creator correctly types in the twisted letters depicted in an image.
A piece of malware, Trojan.Spammer.HotLan.A, actually has been set up to access the e-mail accounts, pull down encrypted e-mails from another site, unencrypt them, and then send them to e-mail addresses stored in yet another Web site. "They've found a way to bypass the captcha system by using optical character recognition," said Vitor Souza, a manager at BitDefender, in an interview. "The software reads the images and transforms it into text. Once it bypasses the captcha system, it enables them to automatically creates the e-mail accounts." Souza said the automatic system creates accounts extremely quickly. "It's beyond what we've ever seen before," he said, adding that it can create 500 new e-mail accounts every hour and up to 15,000 a day.
"With this kind of speed, they can send spam from thousands of different accounts and that's a lot more resources for them," he added. "[Companies] have to look at this new threat," said Souza. "The captcha system has become a norm in the industry for setting up e-mails and different kinds of accounts. Responsible companies, like Yahoo and Hotmail, will have to find a way to fight this through more sophisticated security systems or they're going to have to find a new system all together." The spam is set up to currently lure unsuspecting users to a site that advertises pharmacy products, BitDefender researchers said.