New CAPTCHA worm breaking Google's defences

Security firm takes credit for discovering a new worm that is taking over Gmail accounts, after breaking CAPTCHA.

A new worm has been discovered, which a security company claims can break Google's CAPTCHA to create Gmail accounts for spamming.

Vietnamese company Bach Koa Internetwork Security (BKIS) has called the worm W.32.Gaptcha.Worm' and says it is able to break Google's CAPTCHA defences.

CAPTCHA (Completely Automated Public Turing Test to tell Computers and Humans Apart) is a defence used by email providers, which tries to ensure that computers are not automatically signing up for email accounts.

Once it has broken CAPTCHA, the worm can continuously create Gmail accounts, sending these registered accounts to hackers.

This will cause Gmail to block the infected machine's IP address due to the many registrations, and the worm will remove itself from the system.

"Once your computer gets infected with this worm, you will see Internet Explorer windows automatically appear," BKIS said on the blog:

"You will then see the whole automatic Gmail accounts registering process by the worm."

It adds: "After that you will not be able to sign up for new Gmail accounts as your computer will have been blocked by Gmail."

Companies like Google and Microsoft have been engaged in a continuous battle with spammers trying to break CAPTCHA defences, due to the value of the accounts.

Google itself recently revealed work on a new form of CAPTCHA, which uses images that are more difficult for computers to break.

Google said that CAPTCHA was only one aspect of the security of its systems, but had no official comment to make on this particular attack.

Featured Resources

The challenge of securing the remote working employee

The IT Pro Guide to Sase and successful digital transformation

Free Download

VMware Cloud workload migration tools

Cloud migration types, phases, and strategies

Free download

Practices for maximising the business value of digital infrastructure Consumption-as- a-Service subscriptions

IDC PeerScape

Free Download

Container network security guide for dummies

Enforcing Kubernetes best practices

Free download

Recommended

Google banned from importing patent-infringing tech following Sonos IP victory
Policy & legislation

Google banned from importing patent-infringing tech following Sonos IP victory

7 Jan 2022
Google, Facebook fined €210 million for making it difficult for users to reject cookies
Policy & legislation

Google, Facebook fined €210 million for making it difficult for users to reject cookies

6 Jan 2022
Google is working with leading PC manufacturers to improve Android on Windows
Google Android

Google is working with leading PC manufacturers to improve Android on Windows

6 Jan 2022
Google Cloud acquires Israeli security startup Siemplify
cloud security

Google Cloud acquires Israeli security startup Siemplify

5 Jan 2022

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
Solving cyber security's diversity problem
Careers & training

Solving cyber security's diversity problem

5 Jan 2022