NEWS FROM THE LAB - Monday, April 27, 2009

CAPTCHA me if you can! Posted by Mikko @ 14:36 GMT

Last week, a Vietnamese security company located a worm that mass-registers Gmail accounts for spamming purposes. In order to do that, the worm needs to crack the Gmail CAPTCHA security images.

gmail captcha

In order to do that, the worm uploads the CAPTCHA images to a Russian CAPTCHA Cracking Service.


This service offers 1000 cracked codes for $1 with a money-back guarantee in case of mistakes, or with codes that took too long to crack (over 60 seconds).

Such services typically use humans to crack the codes manually. It's hard to image a more repetitive or boring job. The people behind such services exploit cheap labor or possibly – child labor. Read more from this article by Byron Acohido.

Perhaps the most surprising twist in the whole story is that Google is not just a victim here.

Surprisingly, if you go searching for terms like "crack captcha" or "break captcha", you will get sponsored ads in Google search results — for CAPTCHA cracking services!


Does anyone else see any irony in here?