Trojan uses Hotmail and Yahoo as spam hosts

Scammers bypassing authentication systems.

Security firm BitDefender has warned of a new email threat using Hotmail and Yahoo Mail accounts to send spam. 

Trojan.Spammer.HotLan.A uses automatically generated email accounts, suggesting that spammers have found a way to bypass so-called Captcha systems.

Captcha works by preventing new accounts being created until the creator correctly identifies the letters depicted in an image.

Every active copy of the Trojan accesses an account, and pulls encrypted spam emails from a website. It then decrypts the emails and sends them to valid addresses taken from yet another website.

"There are only about 500 or so new accounts being created every hour," said Viorel Canja, head of BitDefender's antivirus lab.

"But we have seen at least 15,000 Hotmail accounts being used so far. It is hard to estimate how many spam emails have already been sent."

The spam currently being distributed attempts to lure users to a site advertising pharmacy products. Common spam techniques are used in the email body, such as random word generation and a random email subject.

Copyright ©v3.co.uk