Video: New Banking Trojan Caught Breaking CAPTCHA

A new banking Trojan variant can bypass CAPTCHA, as demonstrated by a video posted today by security firm Websense on their Security Labs blog.

A new banking Trojan variant can bypass CAPTCHA, as demonstrated by a video posted today by security firm Websense on their Security Labs blog.

Once downloaded to the machine, Cridex, a data-stealing Trojan, will track content from various web forms. Cridex also downloads a ‘spamming module’ to the infected machine that enables the botmaster to send malicious e-mails to boost infection rates. This module, as shown in the video, utilizes a CAPTCHA-breaking server that helps the botmaster circumvent any CAPTCHA after a few tries, allowing the attacker to create a new Yahoo e-mail account.

The CAPTCHA attempts are sourced from a series of challenge images (embedded in HTTP) that have been gathered from the e-mail registration form and uploaded to the remote CAPTCHA-breaking server.

For more on the methods used by Cridex and the exact steps of the CAPTCHA-breaking process, head to Websense.

Suggested articles

alien cerberus banking malware

Alien Android Banking Trojan Sidesteps 2FA

A new ‘fork’ of the Cerberus banking trojan, called Alien, targets victims’ credentials from more than 200 mobile apps, including Bank of America and Microsoft Outlook.

Discussion

  • Anonymous on

    That isn't a captcha breaking trojan, that is a person feeding the input. Notice as the caps lock is one when it should not be. Captcha doesn't look broken to me.

     

  • Anonymous on

    Cpcha is long time noing thing... 1 word must be coret and second you can write what you want :D

  • Anonymous on

    Wow!  That trojan solved the cursed capcha faster than I could.

  • Anonymous on

    +1 to whoever said this isn't breaking the captcha. I don't exactly know what this is, but it looks like human input, not a computer program. Of course a human can "break" captcha...it's designed to defend against automated/programmatic attacks.
  • Anonymous on

    People - I'm not saying it definitely isn't a human, but you're being a little silly if you think it's even remotely hard to write software which emulates the slow and inconsistent gait of a human typing.  

     

    That is not the interesting issue here, the issue is that the trojan is better than previous attempts at reading the capcha itself.

  • benzino on

    Thansk for sharing information

  • Dumbo on

    I like Spam.

    I have my head so far up my bosses butt I know what he had for dinner.

    Brain Emmons

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.