Trojan creates webmail accounts to send out spam

Spammers appear to have evaded security built into Hotmail and Yahoo email accounts and have used accounts to send out spam.

According to research from Romanian anti-virus company BitDefender, a new trojan called Trojan.Spammer.HotLan.A automatically creates email accounts, which it suggested meant that hackers have found a means of bypassing the captcha systems, where new accounts aren't created until the creator correctly rekeys letters within an image.

The trojan then accesses the webmail account, takes encrypted spam from another website, decrypts this spam before sending out spam emails to recipient addresses pulled in from yet another website. The junk mail tries to lure recipients to a website selling pharmaceutical products.

"There are only about 500 or so new accounts being created every hour," claims, Viorel Canja, head of BitDefender's Antivirus Lab research team. "But still, we've seen 15,000-plus Hotmail accounts being used so far. It's hard to estimate how many spam emails have already been sent."

Microsoft couldn't be reach for comment at time of writing and a spokesman from Yahoo told IT PRO's sister publication PC Pro that his company would investigate the claim before making any comments.

Other research has found that senior executive in large companies are the target of email attacks by cybercriminals.

In its monthly report, email security company MessageLabs recorded a sudden surge in the attacks where the recipient was a C-level executive. It found 500 such emails with infected Word documents. The spike was higher than other attacks the company has seen in the past and the number of such attacks appear to be increasing.

Thirty per cent of the attacks targeted chief investment officers, while 11 per cent were chief executives, chief information officers accounted for seven per cent and chief financial officers made up six per cent.

"This evolving trend of increasingly highly personalised attacks emphasises the effort and research in which the bad guys are willing to engage to potentially obtain very lucrative information," said Mark Sunner, chief security analyst at MessageLabs.

He said that social networking tools, such as Facebook, LinkedIn and MySpace that are highly populated with valuable content, personal information and sought-after details, "it is easier than ever for the bad guys to harvest the personal details needed to personalise their attacks."

The company also recently intercepted emails bound for relatives of the intended target with the intent of compromising the family computer and gaining access to confidential correspondence and intellectual property.

Email to a friend

Print this page

Social Bookmark this article: What is this?

Digg

Delicious

Reddit

StumbleUpon

Slashdot

Google

Facebook