Sign in / up

back to article Botnet pierces Microsoft Live through audio captchas

The prolific Pushdo spam botnet has found a new way to penetrate Microsoft's Live.com by exploiting weaknesses in the audio captchas designed to prevent automated scripts from accessing the popular email service. A new version of the bot causes infected PCs to pull down Live.com audio captchas and return the correct response …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Laurent_Z

    F r e e . P o r n !

    Sign me in ! ^_^

    Well, some people gave their system password for chocolate not long ago, so why not some other stupid losers give their financial information for porn ?

    It angle : Was there any chocolate bar fetishes in the proposed porn ? 8p

    0 1
    1. Marvin the Martian
      Reply Icon
      Stop

      Correction

      People gave something they claimed to be their password, in exchange for real chocolate.

      3 0
  2. Disco-Legend-Zeke
    Pint

    If They Can Decode...

    ...static masked voice, they could have made more money selling the technology to DARPA.

    I'll have another 211 while we ponder that.

    1 0
  3. Kevin McMurtrie Silver badge
    Gates Horns

    White of insufficient illumination

    "...to send email through accounts with a Live.com address, which are whitelisted by many spam filters."

    Not mine. Not as long as Microsoft has no working abuse contacts.

    2 0
  4. Anonymous Coward
    Joke

    Security

    Microsoft with security problems, well I never!

    2 1
  5. LinkOfHyrule
    Coffee/keyboard

    Mamma mia!

    "Mamma mia! your grandmother is doing so strange things here! Look at these delineations!"

    That is hilarious! Especially if you sing it using the tune from the ABBA song Mamma Mia - just add the lyric "my my" between "here" and "look" as in the original song and it almost fits the tune perfectly!

    I knew these spammers were really into 70's pop and disco music! It all adds up now!

    1 0
  6. Neoc

    Re: If They Can Decode..

    More likely, the audio captcha is sent to active participants in 3rd-world countries who are paid a couple of cents for each Captcha they decypher correctly. Worked for the visual ones, so why not for this one.

    0 0
  7. lukewarmdog
    Badgers

    Clever.. or not..

    All that technology.. and then "Mamma mia! your grandmother is doing so strange things here! Look at these delineations!"

    It's like a clever kid allowed his stupid cousin, who may also be his sister, help with the coding.

    0 0
    1. Paul 4
      Reply Icon

      I'd say

      It looks like Chinese pushed through the translation mangle at bablefish.

      1 0
      1. Richard Scratcher
        Reply Icon
        Thumb Up

        Chinese whispers

        I put "look at these delineations" into Google translate, taking it to and from Chinese and it came back as "take a look at these paintings France"

        0 0
  8. Tom 13

    The websites are going to need to rethink this whole captchas mess

    I think computers would have an easier time than I do of decoding some of the ones I've seen recently.

    5 0
  9. Robert Forsyth

    Ironic: Like a virus scanner

    Just like a virus scanner, scans for signatures that indicate there may be a virus, this could scan for the signature of the captcha data, if it is a new captcha send it off for decoding and a new signature added to the captchas database.

    0 0
  10. Daniel B.
    Alert

    This would explain!

    So this is why I've been receiving a lot of add requests from RosieJosieMax5666943@hotmail.com or such asking me to see her nekkid cam... really, these bot accounts have been around for the past 6 months, maybe more.

    Looks like MSFT needs to add some complexity to the audio files. Some random background noise, coupled with some salting to botch MD5/SHA1 hash checks should do the trick.

    0 0
This topic is closed for new posts.