Bot busts newest Hotmail CAPTCHA
Spammers have cracked Microsoft Corp.'s latest defense against abuse of its Live Hotmail e-mail service using a sophisticated network of hacked computers that receive encrypted instructions from a central server, a security company has reported.
The botnet, or collection of compromised PCs, can decipher Live Hotmail's CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) registration safeguard in about 20 seconds, said Websense Inc. security researcher Sumeet Prasad.
CAPTCHA is the term for the distorted characters that many Web sites, such as e-mail services and blogs, use to prevent spammers and cyber criminals from creating massive numbers of new accounts. Those accounts are used to send junk mail or messages that try to dupe people into visiting malicious sites, and are valuable because spam filters rarely block the "hotmail.com" domain address.
Last fall, Microsoft revamped the CAPTCHA protection for Live Hotmail after earlier versions had been busted by hackers. Its newest defense has now fallen to a similar attack, said Prasad. "Every time Microsoft implements CAPTCHA changes to combat abuse of their services, the spammers adapt to those changes," Prasad said in an entry to the Websense security labs blog .
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
microsoft
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
That Ain't Right Boy!
You seem to have a bloodlust to label certain segments of the population.Before you gripe at me, let me first clarify that I am not a spammer, and I do get hit by spammers in my blogs and forums.
Now, I just tagged people who post off topic comments on my web pages as spammers... this is incorrect. They are mass marketers. They in most cases are not breaking any laws, and for the most part are minor annoyances.
You called them criminals as if it were fact. NO NO NO... They are not criminals any more than you are.
Just because we do not like something that someone does, and just because we may enjoy societal approval for our accusations and bad mouthing toward these people, it doesn't make them criminals.