News

Cridex Trojan breaks CAPTCHA, targets Facebook, Twitter users

Stephanie Wright, Contributor

A variant of a banking Trojan known as Cridex can communicate with a CAPTCHA-breaking server in order to establish malicious email accounts. Researchers at Websense Security Labs posted a video documenting how Cridex broke a CAPTCHA test

    Requires Free Membership to View

and opened a Yahoo email account in six attempts.

Cridex is a data-stealing Trojan that is similar to Zeus in the way it operates: It logs content from Web sessions and alters them to harvest information from the infected user.

Websense Security Labs

The Cridex network grows as it infects new machines via malicious emails. The emails contain links to a Black Hole exploit kit, which attacks vulnerabilities in Web browsers and plug-ins. If successful, the kit downloads Cridex onto the machine.

“Cridex is a data-stealing Trojan that is similar to Zeus in the way it operates: It logs content from Web sessions and alters them to harvest information from the infected user,” according to the Websense Security Labs blog.

Cridex targets information from platforms like Facebook, Twitter and several online banking services. That data is then sent to a remote server.

Finally, it uses the infected machine to grow the size of the bot.

According to Websense, the Trojan “opens Web sessions to online mail services and registers new email accounts that are later used by the bot to send spam/malicious emails.”

Cridex cannot run without a successful attack by the Black Hole exploit kit. Machines with updated Web browsers and applications, as well as the latest antivirus software, should be protected, Websense said.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: