A new banking Trojan variant can bypass CAPTCHA, as demonstrated by a video posted today by security firm Websense on their Security Labs blog.
Once downloaded to the machine, Cridex, a data-stealing Trojan, will track content from various web forms. Cridex also downloads a ‘spamming module’ to the infected machine that enables the botmaster to send malicious e-mails to boost infection rates. This module, as shown in the video, utilizes a CAPTCHA-breaking server that helps the botmaster circumvent any CAPTCHA after a few tries, allowing the attacker to create a new Yahoo e-mail account.
The CAPTCHA attempts are sourced from a series of challenge images (embedded in HTTP) that have been gathered from the e-mail registration form and uploaded to the remote CAPTCHA-breaking server.
For more on the methods used by Cridex and the exact steps of the CAPTCHA-breaking process, head to Websense.




That isn’t a captcha-breaking trojan, that is a person feeding the input. Notice that the caps lock is on when it should not be. Captcha doesn’t look broken to me.
Captcha is a long-time known thing… 1 word must be correct and the second you can write what you want
Wow! That trojan solved the cursed captcha faster than I could.
+1 to whoever said this isn’t breaking the captcha. I don’t exactly know what this is, but it looks like human input, not a computer program. Of course a human can “break” captcha…it’s designed to defend against automated/programmatic attacks.
People – I’m not saying it definitely isn’t a human, but you’re being a little silly if you think it’s even remotely hard to write software which emulates the slow and inconsistent gait of a human typing.
That is not the interesting issue here, the issue is that the trojan is better than previous attempts at reading the captcha itself.
Thanks for sharing information
I like Spam.
I have my head so far up my boss’s butt I know what he had for dinner.
Brain Emmons