Cat and mouse game of security has expanded itself to protections of web services. Earlier criminals developed a program that could pass Hotmail email service CAPTCHA tests. Microsoft updated protection but criminals have now busted the new protection too. Accuracy isn't big but it's enough for computer.
Internet's big free email services like Google's Gmail and Microsoft's Hotmail are attracting targets for criminals. These services are not put to block lists and email can be sent for free through them. The services use so called CAPTCHA tests to prevent mass account creation with criminals' automatic programs.
Security company Websense presents details about new attack in its blog. Microsoft's old CAPTCHA protections based on text scrambled with lines. Revised CAPTCHA contains badly twisted text but automatic program can now read this too.
Accuracy isn't big. According to Websense only every 8th or 10th attempt is successful (a success rate of 10 to 15%). For computer program this isn't obstacle since attempts can be made continuously.
This latest spambot targeting Microsoft's revised CAPTCHA system includes the combined features of spambots used to target Google's Blogger and Microsoft's Live Hotmail. Websense reported on these anti-CAPTCHA operations earlier this year (2008).
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment