Bugtraq mailing list archives
Rise of the spammers
From: vulns () wintercore com
Date: Thu, 13 Mar 2008 12:46:16 +0100
Hi, According to the following press release of MessageLabs: http://www.messagelabs.com/resources/press/11351 "the proportion of spam from Gmail increased two-fold from 1.3 percent in January to 2.6 percent in February" Recently, researchers at Websense also spotted ITW (http://www.websense.com/securitylabs/blog/blog.php?BlogID=174) a bot trying to break Gmail's image captcha, with relative success though. So it seems pretty clear that spammers are abusing of legal services to spread their stuff although it is not so clear how they are doing so.AFAIK nobody has paid attention to the Gmail's audio captcha as attack vector. This captcha turns out to be extremely weak against simple fourier analysis so you can easily achieve a success rate of 90% even without implementing a HMM or any other well-known classifier.
You can read the technical details in the following post http://blog.wintercore.com/?p=11 Video: http://blog.wintercore.com/files/breaking_gmail_audio_captcha.wmv Regards, Rubén. -- Wintercore Agustin de Betancourt, 21. 8th Floor. 28003 Madrid. Spain. Phone: +(34) 91 395 63 40 www.wintercore.com
Current thread:
- Rise of the spammers vulns (Mar 13)