If you thought that forced registration and Captcha human verification technologies solved the bulletin board spam challenge, you were wrong.

Security vendor Panda on its blog is demonstrating an application that will leave 1,500 spam comments on bulletin board in 15 minutes.

Xrumer slices through captcha verification and forced registrations – all are designed to verify that the poster is a human being rather than a spamming computer.

30 Jul 2007

The $450 application offers an amazingly simple user interface. In a few clicks, the spammer creates a new email address with a free provider, sets up keywords for bulletin boards that he/she wants to target and creates the actual spam message. Xrumer takes care of all the rest: it will decipher the captha codes. If registration is required, it will await the confirmation emails 'click' the activation link and post the spam.

Xrumer only targets bulletin boards running common scripting languages such as PHP, most likely because they are easy to find. But it will only be a short stretch to imagine a similar technology getting unleashed towards blogs, and we're in comment spam hell all over again.

• No link provided to Xrumer's website - as a policy we don't link to potentially harmful applications.