Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 26th, 2008

Google’s Blogger CAPTCHA Under Automated Registrations Attack

Spammers, in their recent tactics, have targeted Google’s well-known blog publishing system “Blogger”/”Blogspot”, following the previous attacks on Microsoft’s Live Mail Anti-CAPTCHA, Google’s Gmail Anti-CAPTCHA and Microsoft’s Live Hotmail Anti-CAPTCHA services.

The automated bots are capable of not only signing up and creating Blogger accounts (using spammer account credentials), but also use these accounts as redirectors and doorway pages for advertising their products and services. In the current attack, accounts using anti-CAPTCHA operations at Blogger get registered, and few lines of script or code is used to refresh the account, thus directing the user to the actual spam domain.

For spammers, there could be few main advantages to this approach. A free to sign up where accounts can be used as redirectors or doorway pages to spammers’ domain(s). Spammers include these redirecting accounts in different spam campaigns rather than including their actual spam domains and use this tactic to defeat a range of anti-spam services.
These redirecting or doorway page accounts can also be used in multiple mass-mailing campaigns for subsequent attacks.
Another advantage is the difficulty to keep track of these accounts as millions of users worldwide are using Google’s Blogger services on a regular basis.

The entire automated process in is built of two stages. First, predefined instructions from the CAPTCHA breaking host injected on to bot infected or victim’s machine. Instructions are used as templates, with varying account credentials and spam domain redirecting script. Second, bot infected or victims’ machine performing tasks are per pre-defined instructions. Spammers are trying to improve the Anti-CAPTCHA techniques and performed validation checks are sent to their email addresses.

These accounts could be used by the spammers at any time for a variety of social-engineering attacks, a trend that has been increasingly common with various popular Web 2.0 sites.

Share this item with others:

More on CyberInsecure:
  • 3$ for breaking the CAPTCHA
  • Microsoft’s CAPTCHA Under Spammers Attack Again
  • High Success Rate Breaking Hotmail CAPTCHAs
  • Automated Malware Attacks Hit Facebook, CAPTCHA Possibly Cracked
  • Pushdo Spam Botnet Pierces Microsoft Live Through Audio CAPTCHA

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Google’s Blogger CAPTCHA Under Automated Registrations Attack

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.