Skip to main content

Strippers, the killer app for spammers

Spammers are using the same method as the Amazon Mechanical Turk (opens in new tab) to defeat CAPTCHA (Completely Automatic Public Turing Test to Tell Computers and Humans Apart) solutions put in place by websites like Google or Yahoo, in a bid to send even more spam and malicious code.

Instead of coming up with (opens in new tab) applications to bypass CAPTCHA, spammers lure human beings into helping them identify those CAPTCHAs by rewarding them with a virtual stripper.

Trend Micro, the security firm behind the discovery, says that this is a new twist in the way spammers use human intelligence (or stupidity, depending on how you see it) to decipher CAPTCHA.

Paul Ferguson, a security expert for Trend Micro, told IDG news that "Work-at-home money mule schemes run by criminals have hired people to do this same thing".

TROJ_CAPTCHAR.A (Symantec calls it Captchar.a) is a disguised strip-tease game that hides a trojan horse that the user has to download and run on its computer.

It shows (opens in new tab) the picture of a partially nude, blonde bomb-shell that will take off her clothing one by one if CAPTCHAs are identified correctly.

Désiré Athow

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.