[<prev] [next>] [day] [month] [year] [list]
Message-ID: <47D91408.8000808@wintercore.com>
Date: Thu, 13 Mar 2008 12:46:16 +0100
From: vulns@...tercore.com
To: bugtraq@...urityfocus.com
Subject: Rise of the spammers
Hi,
According to the following press release of MessageLabs:
http://www.messagelabs.com/resources/press/11351
"the proportion of spam from Gmail increased two-fold from 1.3 percent
in January to 2.6 percent in February"
Recently, researchers at Websense also spotted ITW
(http://www.websense.com/securitylabs/blog/blog.php?BlogID=174) a bot
trying to break Gmail's image captcha, with relative success though. So
it seems pretty clear that spammers are abusing of legal services to
spread their stuff although it is not so clear how they are doing so.
AFAIK nobody has paid attention to the Gmail's audio captcha as attack
vector. This captcha turns out to be extremely weak against simple
fourier analysis so you can easily achieve a success rate of 90% even
without implementing a HMM or any other well-known classifier.
You can read the technical details in the following post
http://blog.wintercore.com/?p=11
Video:
http://blog.wintercore.com/files/breaking_gmail_audio_captcha.wmv
Regards,
Rubén.
--
Wintercore
Agustin de Betancourt, 21. 8th Floor.
28003 Madrid. Spain.
Phone: +(34) 91 395 63 40
www.wintercore.com
Powered by blists - more mailing lists