 |
|
| CURRENT SECTION :: TechZone | UK's most visited IT Contractor Site - 250k unique visitors March 2008 |
|
 |
If you’ve ever signed up for a webmail account – or indeed if you use the CUK bulletin board – you’ll have encountered a “captcha”. The term is an acronym, short for “Completely Automated Public Turing test to tell Computers and Humans Apart”, and whenever you see a strangely deformed series of letters and numbers and you’re asked to type in what you see, that’s a captcha. Their purpose is to prevent spammers from using automated bots to sign up for hundreds of email or forum accounts that they could use to bombard forums or internet users with junk. And until recently, it’s been a pretty effective way of keeping the bad guys at bay – most forums are relatively free of junk posts, and spammers have to find other ways of sending out their ads for impotence cures and pyramid scams. That is, until Melissa came along. Melissa is the star of a new trojan doing the rounds, and just like a real life stripper, she’ll remove an item of clothing each time you give her something. But instead of ten pound notes, Melissa’s currency is captchas. Solve the captcha Melissa presents, and she’ll take off an item of clothing. Meanwhile, behind the scenes, the trojan is using the captcha you’ve just solved – which has been generated on Yahoo’s webmail site – to open another account on that site and send out more junk messages. The trojan – christened CAPTCHA-A by virus researchers – infects computers already contaminated with other malware, and is triggered when Internet Explorer is used on the machine. However, the new threat seems to be confined to a relatively small number of cases for the moment, and some security experts have suggested that the program may be a ‘proof of concept’ – a sort of virus beta programme. “We have not seen many reports of these types of programs in the wild,” Graham Cluley, senior technology consultant at security firm Sophos, told CUK. “My feeling is that it is not currently a big problem compared to other kinds of hacking and malware activity, and it is too early to say that there is evidence that this will be a continuing trend.” If the proof of concept does prove successful, however, it is likely to spawn imitators, generating signups for a host of webmail and forum sites. Ultimately, he says, the determining factor will be how the hormonal teenagers that probably represent the trojan’s target audience respond to traps like Melissa – which, ironically, is also the name of the stripper that inspired the author of the Melissa macro worm – in the long term. “If hackers find a technique is working successfully for them then they will exploit it more and more,” adds Cluley. “In the case of these sexy CAPTCHA programs their fundamental flaw may be that there are plenty of places on the net where people can view as many naked photographs of young women as they like without having to enter a CAPTCHA!” Whilst that may be true, when did logic ever guide a teenager’s actions when confronted with an attractive member of the opposite sex? Graham Taylor Jan 4, 2008 Email this article Printer friendly page Previous Page
|
|
 |
||||||||||||||||||||||||
| All content © Contractor UK Limited | [Register for News Letter] | [Privacy Statement] | [Terms of Use] | [Top of Page] |