Worm solves Gmail's CAPTCHA, creates fake accounts

Malware creates new accounts until Google blocks the infected computer, then the worm uninstalls itself

A Vietnamese security company has detected what it believes is a new worm that thwarts Google's security protections in order to register new dummy Gmail accounts from which to send spam.

Bach Koa Internetwork Security (BKIS) said the worm was discovered earlier this week in one of its honeypots, the term for a computer set up to catch samples of malicious software. BKIS has named the malware "W32.Gaptcha.Worm."

Once a computer is infected with Gaptcha, the worm launches the Internet Explorer browser and goes to Gmail's new account registration page. It begins to fill in random names of fictitious users.

When confronted with a CAPTCHA, the worm sends the image to a remote server for processing, wrote Do Manh Dung, senior malware researcher, on the BKIS blog.

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is the distorted text that a person must solve before a new account can be created.

It used to be hard for computers to translate the text, but improvements in OCR (optical character recognition) technology have overcome that barrier.

In some cases, spammers are believed to employ people in low-income countries to figure out the CAPTCHA in order to gain new e-mail accounts.

Once a new registration is complete, the account details are then e-mailed to a spammer. After too many account registrations, Google will eventually block the particular computer creating the accounts. The worm then removes itself, Dung wrote.

Google officials contacted in London did not have a comment on the latest worm, but it and other companies that provide free e-mail accounts have been besieged over the last few years by spammers using sophisticated techniques to create fake accounts.

Free e-mail accounts are valuable to spammers. E-mail sent from those accounts has a better chance of making it past antispam filters since it comes a trusted domain, although companies use other methods such as text analysis to pluck out rubbish e-mail.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags spamGmailwormcaptcha

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?