'Melissa' Exposes Self, Security Hole | www.infopackets.com

'Melissa' Exposes Self, Security Hole

Dennis Faas's picture

Spammers have recruited an unusual new ally in their battle against security checks: 'Melissa' the virtual stripper.

She features in the Captcha Trojan, named because of its attempts to get 'round the 'Completely Automated Public Turing test to tell Computers and Humans Apart' technology. This is the system where users have to type in the letters they see in an image, designed to stop computers automatically completing a forum. The spammers behind this case are trying to automatically sign up for multiple Yahoo mail accounts.

The Captcha Trojan replaces Yahoo pages with what appears to be a game featuring a stripping woman. The user is asked to type in the words and numbers that appear on the screen and 'Melissa' removes an item of clothing for each one they 'get correct'. The words and numbers are, in fact, taken directly from Yahoo's sign-up screens.

According to Raimund Genes, Trend Micro's chief technology officer, the Trojan appears on computers that have already been infected with malicious programs. It is activated when the user launches Internet Explorer. (Source: news.bbc.co.uk.)

So far, it seems few users have fallen for the trick, and Trend has rated the virus as low risk. But Genes said it was likely the spammers are using 'Melissa' mainly as a way to test the technology involved before using it for more nefarious purposes. Roderick Ordoñez, a blogger for Trend, says this is the first time unwitting humans have been used to aid the computers. (Source: Trendmicro.com)

This isn't the first attempt to get around Captcha systems. Back in August, the Hotlan Trojan created more than half a million Hotmail accounts in a month. (Source: The Register)

It seems playing on men's weakness for sex will continue to be the spammer's best strategy. But perhaps the users playing with 'Melissa' should think carefully about what sort of woman strips just because you can read.

| Tags:
Rate this article: 
No votes yet