The news came through a couple of days ago that Microsoft’s Live Hotmail CAPTCHA system has yet again been compromised by spammers.
The method works by using an army of zombie PCs (those that have been compromised by malicious software and can be remotely controlled) and a remote computer server to handle image decoding.
It’s not the first time Microsoft’s system has been compromised, and it likely won’t be the last. Other online accounts aren’t immune either. Spammers need lots of fake accounts in order to send emails and publish splogs.
At present, companies fight these attacks by making the images used in CAPTCHAs more complicated. This is only a stopgap “solution” though, and makes things more difficult for legitimate users trying to sign up for new services.
Finding a solution that minimises inconvenience to everyday users but thwarts those wanting to abuse the system isn’t easy, and is a wide-ranging and ongoing discussion. However, trying to close down the army of zombie PCs roaming the web would be a start, as it’s these that cause so many problems.
Until a system can be implemented that’s very difficult to circumvent, the problem of fake blogs, spam emails and blog comments will continue.