In order to bypass CAPTCHA

Oct 31, 2007 14:57 GMT  ·  By

Her name is Melissa and she's probably the hottest blonde who ever helped the hackers reach their goals. Roderick Ordo?ez wrote on the official blog of the security company Trend Micro that a very attractive game which asks the users to enter a visual code in order to strip a girl is actually TROJ_CAPTCHAR.A. Because I'm sure you don't know how dangerous it is, you should know that this is a Trojan horse which is used by the hackers to get the information entered by the users. Now, let's summarize it: the malicious persons distribute the Trojan file, claiming that it is a game, in order to get the code for some visual CAPTCHAs.

It seems that they are trying to create a database of CAPTCHAs which is supposed to be used to bypass the restrictions and obtain access to millions of accounts. After the computer user who installed the software on his system types the CAPTCHA displayed in the window, the code is then sent to a website that stores them to create the database.

"Interesting enough, the CAPTCHAs in the example above were taken from the Yahoo! Web site, possible proof that someone may be building a huge base of Yahoo! accounts. For spam-related reasons perhaps? Although various methods of OCR (Optical Character Recognition) are already used to circumvent the CAPTCHA, this social engineering technique is new in that it uses people to unsuspectingly aid a malicious user," Roderick Ordo?ez wrote in the blog post published today.

Now, I advise you to avoid downloading the "game" and keep your antivirus solution up-to-date with the latest virus definitions in order to discover the threat as soon as it enters your computer.

In case you want to download a security software solution for your computer, you can take one from Softpedia using this link.