Botnet pierces Microsoft Live through audio captchas.
The prolific Pushdo spam botnet has found a new way to penetrate Microsoft's Live.com by exploiting weaknesses in the audio captchas designed to prevent automated scripts from accessing the popular email service.
A new version of the bot causes infected PCs to pull down Live.com audio captchas and return the correct response within 10 seconds, according to a researcher at anti-virus firm Webroot. The attack allows the zombie machines to send email through accounts with a Live.com address, which are whitelisted by many spam filters. The technique offers spammers an alternative to sending spam through open mail relays, which are often blacklisted.
Source - Botnet pierces Microsoft Live through audio captchas ? The Register