Online

Spambots Can Now Fool Yahoo CAPTCHA Tests: Yes, Worry

By Wilson Rothman on January 31, 2008 at 2:39 AM

CAPTCHA_with_Bots.jpgYou know those anti-spam tests that make you enter funny characters to prove you’re a human? Well, non-humans can finally fake their way into systems using the “Completely Automated Public Turing test to tell Computers and Humans Apart” too—even Yahoo’s pretty secure system, according to new reports.


A Russian security researcher known only as “John Wane” (sic) says that his team has developed a system that correctly identifies the images from Yahoo’s CAPTCHA system 35% of the time. According to one analyst, the irony is that the image recognition used to fight off the current generation of image-embedded spam will now be used to create the next wave of spam itself.

Yahoo apparently confirmed that this was the case:

We are aware of attempts being made toward automated solutions for CAPTCHA images and continue to work on improvements as well as other defences.

This doesn’t just finger Yahoo, since the verification technique is used by other online e-mail providers too. In the words of the analyst, the hack “could be used for spam…could be used for phishing…could create a fairly significant number of e-mail accounts.” I’m thinking this also means I’m screwed next time I want tickets for a concert, too. [TMCNet via Slashdot]

Tagged:

Comments (AU Comments | US Comments)

    There are currently no AU comments for this post.

Post Your Comments

Got something to say? There are two ways to comment:

1. Guests

Click here to comment instantly.

2. Facebook Users

Click below to comment using your Facebook account.

We're looking for comments that are interesting, substantial or highly amusing. If your comments are excessively self-promotional, obnoxious, or even worse, boring, you will be banned from commenting. All comments are moderated.