• 10Oct

    I’ve just read an article in the online “Network World” by Brad Reed dated 10/01/09 saying that hackers have found a way to crack Facebook’s Captchas and create false accounts. Those accounts are used for spreading spyware and phishing for credit card details and other valuable information from innocent users.

    Those rogue accounts show a picture of a woman, and the moment one clicks on her video profile, the spyware is activated.

    Facebook states it’s doing its best to eliminate false accounts, though it’s not easy to detect them. As a matter of fact, anyone can bypass Facebook’s Captcha code simply by googling a YouTube video tutorial which shows step by step how to remove Facebook’s Captcha code.

    I guess the nice thing in this story is the fact that Facebook, the great social network, has joined Google, Yahoo and Hotmail – all targets of spammers’ attacks.

    Once again it has been proved that Captcha should be improved constantly if it is to serve as a reliable spam blocker as well as a security system.

    You can read more about Facebook Captcha Attack here


  • 17Aug

    Not too long ago the Gmail registration, which is supposed to be secured by the highly popular Captcha test, was cracked by spammers. What are the implications of this event?

    First, let’s start by clarifying the meaning of that strange word “CAPTCHA”.
    Captcha is an abbreviation of “Completely Automated Public Turing test to tell Computers and Humans Apart”.

    The Captcha test is used all over the online world by all kinds of websites that want to verify that the user signing up is a human and not a robot or some automated machine.
    In other words, by using the Captcha test all spammers are supposed to be filtered out.

    Unfortunately, it has been discovered lately that spammers have succeeded in creating bots that are capable of opening Gmail accounts and thus can attack and abuse the infrastructure of Google mail.

    Gmail, as you may know, is a free service by Google. It is considered a highly user-friendly, simple and flexible platform that offers over 6000 MB of storage for free (plus 10GB more for a symbolic fee of $20 a year), and it has tens of millions of satisfied users from all over the world.

    The bots succeed in opening accounts by filling in all the data required on the sign-up page and then cracking the Captcha (usually displayed at the bottom, at the end of the registration process). The bots try to create as many new accounts as possible, using 2 hosts in the process of cracking the Captcha code. Once the first host fails to break the code, the second host gets into action.
    The cracked Captcha codes are stored on a domain located in the United States.

    Luckily, Captcha is not an easy test for computers or bots, and in spite of endless repeated cracking attempts only 20% of Captchas are busted.

    Is it possible to overcome the Captcha cracking problem in the Gmail registration process?
    I guess only time will tell…
