BugTraq
Rise of the spammers Mar 13 2008 11:46AM
vulns wintercore com
Hi,

According to the following press release of MessageLabs:
http://www.messagelabs.com/resources/press/11351

"the proportion of spam from Gmail increased two-fold from 1.3 percent
in January to 2.6 percent in February"

Recently, researchers at Websense also spotted ITW
(http://www.websense.com/securitylabs/blog/blog.php?BlogID=174) a bot
trying to break Gmail's image captcha, with relative success though. So
it seems pretty clear that spammers are abusing of legal services to
spread their stuff although it is not so clear how they are doing so.

AFAIK nobody has paid attention to the Gmail's audio captcha as attack
vector. This captcha turns out to be extremely weak against simple
fourier analysis so you can easily achieve a success rate of 90% even
without implementing a HMM or any other well-known classifier.

You can read the technical details in the following post
http://blog.wintercore.com/?p=11

Video:
http://blog.wintercore.com/files/breaking_gmail_audio_captcha.wmv

Regards,
Rubén.

--

Wintercore
Agustin de Betancourt, 21. 8th Floor.
28003 Madrid. Spain.
Phone: +(34) 91 395 63 40
www.wintercore.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus