I have a forum that's getting hit a lot by forum spambots, and of course the best way to defeat something is to know thy enemy. I'll worry about defeating those spambots later, but right now I'd like to know more about them. Reading around, I felt surprised about the lack of thorough information on the subject (or perhaps my ineptness to input the correct search terms for better google results).

I'm interested in learning all about spambots. I've asked on other forums and gotten brush-off answers like "Spambots are always users registering on your site."

• How do forum spambots work?
• How do they find the 'new user registration' page? (I'm especially surprised because some forums don't have a dedicated URL for this eg, www.forum.com/register.html , but instead use query strings or even other methods invisible to the URL bar)
• How do they know what to enter into each 'new user registration' field?
• How do they determine what's a page they can spam / enter data into and what is not?
• Do they even 'view' this page at all?
• ..If not, then I'd assume they're communicating with the server directly - how is - this possible? How do they do it?
• Can forum spambots break CAPTCHAs? Can they solve logic questions (how?)? Math questions?
• Do they reverse-engineer client-side anti-bot validation scripts? Server-side scripts?
• What techniques are still valid to prevent them?
• Where do spambots come from? Is someone sitting behind the computer snickering as they watch their bot destroy site after site? Or are they snickering as they simply 'release' it onto the internet somehow? Are spambots 'run' by an infected computer somewhere? Do they replicate themselves?
• etc