Banking Trojan breaks captcha to spread bot

http://www.flickr.com/photos/factoryjoe/3493757725/

A banking Trojan now spreading over the internet is able to get past captcha security challenges to send out emails and propagate itself, according to security company Websense Labs.

The Cridex Trojan variant infects a Windows PC when a malicious link in an email is clicked, Websense said in a blog post on Monday. The shortened link goes to a malware webkit with several components, including a data-gathering tool and a propagation module that stealthily opens webmail accounts.

Once the accounts are set up, Cridex sends out malicious emails to try to compromise more computers. To do this, it uses captcha-cracking techniques more commonly associated with spammers, according to Websense. "According to our findings, captcha challenges in some cases can be broken with the help of a captcha-breaking server, which allows the bot to register a mail account or address after only a few attempts," the company said.