Trojan creates webmail accounts to send out spam

New trojan evades Captcha security to create webmail accounts and spam victims.

Spammers appear to have evaded security built into Hotmail and Yahoo email accounts and have used accounts to send out spam.

According to research from Romanian anti-virus company BitDefender, a new trojan called Trojan.Spammer.HotLan.A automatically creates email accounts, which it suggested meant that hackers have found a means of bypassing the captcha systems, where new accounts aren't created until the creator correctly rekeys letters within an image.

The trojan then accesses the webmail account, takes encrypted spam from another website, decrypts this spam before sending out spam emails to recipient addresses pulled in from yet another website. The junk mail tries to lure recipients to a website selling pharmaceutical products.

"There are only about 500 or so new accounts being created every hour," claims, Viorel Canja, head of BitDefender's Antivirus Lab research team. "But still, we've seen 15,000-plus Hotmail accounts being used so far. It's hard to estimate how many spam emails have already been sent."

Microsoft couldn't be reach for comment at time of writing and a spokesman from Yahoo told IT PRO's sister publication PC Pro that his company would investigate the claim before making any comments.

Other research has found that senior executive in large companies are the target of email attacks by cybercriminals.

In its monthly report, email security company MessageLabs recorded a sudden surge in the attacks where the recipient was a C-level executive. It found 500 such emails with infected Word documents. The spike was higher than other attacks the company has seen in the past and the number of such attacks appear to be increasing.

Thirty per cent of the attacks targeted chief investment officers, while 11 per cent were chief executives, chief information officers accounted for seven per cent and chief financial officers made up six per cent.

"This evolving trend of increasingly highly personalised attacks emphasises the effort and research in which the bad guys are willing to engage to potentially obtain very lucrative information," said Mark Sunner, chief security analyst at MessageLabs.

He said that social networking tools, such as Facebook, LinkedIn and MySpace that are highly populated with valuable content, personal information and sought-after details, "it is easier than ever for the bad guys to harvest the personal details needed to personalise their attacks."

The company also recently intercepted emails bound for relatives of the intended target with the intent of compromising the family computer and gaining access to confidential correspondence and intellectual property.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Most Popular

What should you really be asking about your remote access software?

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021