In association with heise online

29 October 2007, 12:54

Trojan tricks users into reading captchas

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Trend Micro and Panda Software report a trojan which persuades users to read captchas (Completely Automated Public Turing Test to Tell Computers and Humans Apart). The trojan known as RompeCaptchas.A, Captchar or Captcha Breaker then abuses its victims as human character recognition routines and can thus operate without intricate OCR requiring considerable computing power of its own. The trojan communicates with a malicious server that also connects to some selected legitimate site that uses captchas, in this case Yahoo. The server redirects the protective captchas issued by Yahoo to the trojan, which in turn presents them to the user. The user's responses are passed back to the server, which exploits them to create Yahoo mail accounts for spamming purposes.

The captcha issued by Yahoo is redirected to the user

To camouflage their malicious activities, the programmers of Captcha Breaker lead users to believe they are accessing a striptease programme where each piece of clothing to be taken off requires entering a particular captcha - which was actually provided by Yahoo.

The more captchas are entered, the more skin is revealed.

The trojan can generally be used for any web pages requiring captcha authorisation. Neither Trend Micro nor Panda describe how the malware gets onto users' PCs, but most likely it finds its way there as an email attachment. You can find tips and tools for safe email communication and protection against trojans and viruses on the heise Security anti-virus pages.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit