By Dancho Danchev

Just how challenged are cybercriminals when they’re being exposed to CAPTCHAs in 2013?

Not even bothering to “solve the problem” by themselves anymore, thanks to the cost-efficient, effective, and fully working process of outsourcing the CAPTCHA solving process to humans thereby allowing the cybercriminals to abuse any given Web property, as if it were multiple humans actually performing the actions.

In this post I’ll profile an automatic CAPTCHA-solving (Russian) email account registration tool which undermines the credibility of Russia’s major free email service providers by allowing cybercriminals to register tens of thousands of bogus email accounts.

More details:

Originally available on the Internet since August, 2011, the tool remains one of the most popular DIY automatic CAPTCHA-solving tools for abusing major Russian email/service providers such as @mail.ru, @list.ru, @bk.ru, @inbox.ru, @qip.ru, @pochta.ru, @fromru.com, @front.ru, @hotbox.ru, @hotmail.ru, @krovatka.su, @land.ru, @mail15.com, @mail333.com, @newmail.ru, @nightmail.ru, @nm.ru, @pisem.net, @pochtamt.ru, @pop3.ru, @rbcmail.ru, @smtp.ru, @5ballov.ru, @aeterna.ru, @ziza.ru, @memori.ru, @photofile.ru, @fotoplenka.ru, @pochta.com, thanks for the persistent updates issued on behalf of the developer.

Sample screenshots of the DIY tool in operation:

DIY_Russian_Email_Account_Registration_Tool_CAPTCHADIY_Russian_Email_Account_Registration_Tool_CAPTCHA_01 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_02 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_03 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_04 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_05 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_06 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_07 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_08 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_09 DIY_Russian_Email_Account_Registration_Tool_CAPTCHA_10

Some of its features include:

[+] Multi-threaded check mailboxes
[+] Work through HTTP / HTTPs / Socks4 / Socks4a / Socks5 Proxy Services (Private login / password and public)
[+] Solving a CAPTCHA – services manual
[+] Keeps statistics from CAPTCHA solving services
[+] Advanced login generator (by last name/name/from the database logins/syllable by syllable to the setting of generation)
[+] Error counter and adjustable automatic stop when you reach the limit of registration errors
[+] Large base of male/female names for auto-fill data
[+] To automatically select a different login before entering the CAPTCHA, if the current busy (as configured)
[+] All the accounts are kept easy to view and edit the list in the database where you can store in the standard lists
[+] Can pre-edit generated logins and account data
[+] Custom save the list (choice of separator/outlet data)
[+] Adjustable loading external files from the list of accounts to register
[+] Custom notifications on the status of registration
[+] Multi-threaded downloads letters registered mail boxes
[+] Custom sound effects for the event (can be switched off)
[+] To download lists of proxy servers with pre-defined URL
[+] To update the list of proxy servers during the course registration
[+] Can register through DYNAMIC IP
[+] Option sorting/mixing of the list of accounts
[+] Checking accounts MAIL.RU/QIP.RU operation through the WEB-interface

What would a cybercriminal do with all of these automatically registered bogus accounts? He’ll either monetize them by offering the accounts for sale, start directly spamming through them in an attempt to take advantage of DomainKeys verified nature of the services where applicable, or use them to register hundreds of potentially fraudulent or malicious domains.

With its recently introduced support for MySQL, the tool’s features successfully differentiate it from the rest of the DIY automatic email account registration tools available on the Internet, with the tool continuing to enjoy a high market share, according to our observations of its progress over the last couple of years.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This