Dear blog readers,
It’s a public secret that the majority of modern websites today rely on the use of CAPTCHA for proper user detection versus bots or automated software detection, which in reality is a flawed and outdated approach to protecting a website and its visitors as in 2022 we continue to live in a world where solving CAPTCHA as a service which also includes solving reCAPTCHA as a service continues to proliferate with thousands of possible users around the world processing hundreds of thousands of CAPTCHAs courtesy of popular CAPTCHA services with the aim of empowering Russian or international cybercriminals in the process of correctly and automatically registering new accounts on major websites and social networks internationally.
In this article, I will detail the activities of several well-known CAPTCHA solving services and discuss in depth their features with the idea of raising awareness of the concept, including systematic and automatic CAPTCHA solving through humans and their affiliated networks.
Examples of URLs known to have been involved in the campaign:
hxxp://captchasolver.com – 126.96.36.199; 188.8.131.52; 184.108.40.206; 220.127.116.11; 18.104.22.168
hxxp://captchaocr.com – 22.214.171.124; 126.96.36.199; 3,130,204,160; 188.8.131.52; 184.108.40.206
hxxp://typethat.biz – once run the sample phones to hxxp://5fc.info – 220.127.116.11; 18.104.22.168; 22.214.171.124; 126.96.36.199; 188.8.131.52
The MD5 sample known to have been involved in the campaign includes:
Related URLs known to have been involved in similar campaigns include:
*** This is a syndicated blog from the Security Bloggers Network of Dancho Danchev’s Blog – Mental Flows of Information Security Knowledge Written by Dancho Danchev. Read the original post at: https://ddanchev.blogspot.com/2022/10/captcha-is-dead-heres-proof.html