IT Security & Network Security News & Reviews: Bredolab, Spam and the CAPTCHA-Cracking Biz
Meet Bredolab. Bredolab represents what Fortinet calls a simplified botneta "loader" that simply connects to a remote server to report and receive files to download and execute. Fortinet has linked Bredolab to an innovative new spam engine called Webwail as well as an uptick in the growth of attacker services focused on cracking CAPTCHAs. By circumventing CAPTCHA protections, spammers can sign up for legitimate Web e-mail accounts to send out spam, making it harder for security vendors to block their messages. Fortinet Threat Researcher Derek Manky predicts more Web engines like Webwail will be developed, driving a growth in CAPTCHA-solving services. Here, eWEEK looks at Webwail and Bredolab, and shows what could be a new security threat: loaders sold as services to buyers looking to distribute malware.