| You are currently viewing our forum as a guest. This means you are limited to certain areas of the board and that there are some features you can't use or read. We are an active community of worldwide senior members participating in chat, politics, travel, health, blogging, graphics, computer issues & help, book club, literature & poetry, finance discussions, recipe exchange and much more. Also, as a member you will be able to access member only sections, many features, send personal messages, make new friends, etc. Registration is simple, fast and completely free. Why not register today and become a part of the group. Registration button at the very top left of the page. Thank you for stopping by. Join our community! In case of difficulty, email worldwideseniors.org@gmail.com. If you're already a member please log in to your account to access all of our features: |
| New Banking Trojan Caught Breaking CAPTCHA | |
|---|---|
| Topic Started: Jan 31 2012, 06:34 PM (30 Views) | |
| Deleted User | Jan 31 2012, 06:34 PM Post #1 |
|
Deleted User
|
Monday, January 30, 2012 New Banking Trojan Caught Breaking CAPTCHA A new banking Trojan variant can bypass CAPTCHA, as demonstrated by a video posted today by security firm Websense on their Security Labs blog See Video here: https://threatpost.com/en_us?utm_source=Threatpost&utm_medium=Primary%20Navigation&utm_campaign=Home Once downloaded to the machine, Cridex, a data-stealing Trojan, will track content from various web forms. Cridex also downloads a ‘spamming module’ to the infected machine that enables the botmaster to send malicious e-mails to boost infection rates. This module, as shown in the video, utilizes a CAPTCHA-breaking server that helps the botmaster circumvent any CAPTCHA after a few tries, allowing the attacker to create a new Yahoo e-mail account. The CAPTCHA attempts are sourced from a series of challenge images (embedded in HTTP) that have been gathered from the e-mail registration form and uploaded to the remote CAPTCHA-breaking server. For more on the methods used by Cridex and the exact steps of the CAPTCHA-breaking process, head to Websense. http://community.websense.com/blogs/securitylabs/archive/2012/01/30/trojan-caught-on-camera-shows-captcha-is-still-a-security-issue.aspx - there are more details and screenshots, etc. |
|
|
| 1 user reading this topic (1 Guest and 0 Anonymous) | |
| « Previous Topic · ALERTS, UPDATES, WARNINGS, NEWS · Next Topic » |





9:54 PM Jul 11