SPAM-Bots can decrypt Captchas… oops…


If you thought that those fancy Captchas would serve their purpose of SPAM prevention forever, you might want to think again.

From Wikipedia:

“A CAPTCHA (IPA: /ˈkæptʃə/) is a type of challenge-response test used in computing to determine that the user is not run by a computer. The process involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade. Because other computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human. A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen.”

It usually looks something like this:

[Image: Captcha]

Now the news:

“Websense Security Labs ThreatSeeker™ technology has discovered that spammers in their recent tactics have drawn their attention towards traditional and infamous Hotmail, aka Live Hotmail services after the streamlined Live Mail Anti-CAPTCHA operations. Spammers have managed to create automated bots that are capable of not only signing up and creating random Hotmail accounts, but also use these accounts for spamming purposes from a proper Live Hotmail service.”


Source 1: http://securitylabs.websense.com/content/Blogs/3063.aspx#
Source 2: http://en.wikipedia.org/wiki/CAPTCHA

  1. #1 by martin on April 16, 2008 - 04:37

    Breaking of CAPTCHAs has been the subject of scientific research for at least the past five years, with very good results (30%-90% probability) right from the start. It was only a question of time for spammers to catch up on this, especially when considering that they have already been using mechanical-turk style captcha breaking for at least the past one or two years.

  2. #2 by bietiekay on April 16, 2008 - 07:48

    Well then – my hope is that these captchas (which most of the time I am unable to decrypt myself) will not be used anymore and will be replaced with something that works better (which obviously one would have to invent).
