Russian spam bots crack Google Mail captcha

The protection system which prevents the multiple automatic registration of fraudulent accounts at GMail is cracked following the same breakage in Yahoo! and Microsoft Live webmail services. The example of spambot work is published by Russian security blog urs-molotoff.blogspot.com. The bot goes wild with a trojan. After some user's computer is infected, the bot grabs GMail captcha and sends it to a special server where the captcha is recognized and the result is send back to the bot, so it can register a new Gmail account and start spamming.

The address of the spam server is hidden in this example but the authors of the security blog told Webplanet that the bot "is connected to Russian-speaking site".

In January, some group of "Russian researchers" showed how to break Yahoo! captcha with the recognition rate about 35%. A couple of weeks later Windows Live captcha was cracked, too. These protection systems from Microsoft, Yahoo and Google where considered pretty safe so anti-spammers didn't list these mail services in their "black lists". Now they got a problem: "In the past week or so, Websense antispam filters have gone from blocking fewer than 100 Windows Live accounts per day to a number that's in the thousands".

Some people say more spam comes now from GMail, too. We are looking forward to see more sophisticated Turing tests on the Web. Or it's about time to use Philip Dick's tests for androids? Google Androids, in this case.