17.02.2009
An innovative feature of the latest attack is that communication between the zombie PC and the remote host takes place using an encrypted channel, which makes detection or blocking of such traffic that much more difficult.
Microsoft's main weapon in the fight against Hotmail abuse is its ability to keep changing the image algorithm used to create the CAPTCHA images, buying time against abuse. Equally, the spammers appear able to catch up some time later by changing the decoding algorithms used by their software.
"As we've seen from previous patterns, spammers just attack whatever system is in place. They are financially motivated to get hold of details, and will increase the sophistication of attacks, in a persistent cycle," said Carl Leonard, Websense's European threat research manager.
The underlying change has been the rapid spread of automated tools for breaking CAPTCHA across a range of service providers, including Google and Yahoo. The same hacks are used to break CAPTCHAs protecting blogging accounts, creating a surge in fake websites running in parallel to fake email accounts. A range of suggestions have been put forward as replacements to the flawed system, including the use of 3D images that might be beyond current image-decoding technology.
» Android » Apple » Blackberry » Bring your own device
» Cloud Computing » Dienstwagen » E-Commerce » E-Mail
» Facebook » Interim Management » iPad » iPad Apps
» iPhone » Linkedin » Office 365 » Projektmanagement
» Recruiting » Rolle des CIO » SaaS » Scrum
» SWOT-Analyse » Top-CIOs » twitter » Virtualisierung
Newsletter von CIO.de
