Trojan creates webmail accounts to send out spam

New trojan evades Captcha security to create webmail accounts and spam victims.

Spammers appear to have evaded security built into Hotmail and Yahoo email accounts and have used accounts to send out spam.

According to research from Romanian anti-virus company BitDefender, a new trojan called Trojan.Spammer.HotLan.A automatically creates email accounts, which it suggested meant that hackers have found a means of bypassing the captcha systems, where new accounts aren't created until the creator correctly rekeys letters within an image.

The trojan then accesses the webmail account, takes encrypted spam from another website, decrypts this spam before sending out spam emails to recipient addresses pulled in from yet another website. The junk mail tries to lure recipients to a website selling pharmaceutical products.

"There are only about 500 or so new accounts being created every hour," claims, Viorel Canja, head of BitDefender's Antivirus Lab research team. "But still, we've seen 15,000-plus Hotmail accounts being used so far. It's hard to estimate how many spam emails have already been sent."

Microsoft couldn't be reach for comment at time of writing and a spokesman from Yahoo told IT PRO's sister publication PC Pro that his company would investigate the claim before making any comments.

Other research has found that senior executive in large companies are the target of email attacks by cybercriminals.

In its monthly report, email security company MessageLabs recorded a sudden surge in the attacks where the recipient was a C-level executive. It found 500 such emails with infected Word documents. The spike was higher than other attacks the company has seen in the past and the number of such attacks appear to be increasing.

Thirty per cent of the attacks targeted chief investment officers, while 11 per cent were chief executives, chief information officers accounted for seven per cent and chief financial officers made up six per cent.

"This evolving trend of increasingly highly personalised attacks emphasises the effort and research in which the bad guys are willing to engage to potentially obtain very lucrative information," said Mark Sunner, chief security analyst at MessageLabs.

He said that social networking tools, such as Facebook, LinkedIn and MySpace that are highly populated with valuable content, personal information and sought-after details, "it is easier than ever for the bad guys to harvest the personal details needed to personalise their attacks."

The company also recently intercepted emails bound for relatives of the intended target with the intent of compromising the family computer and gaining access to confidential correspondence and intellectual property.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
Veritas Backup Exec 21.3 review: Covers every angle
backup software

Veritas Backup Exec 21.3 review: Covers every angle

14 Oct 2021