This stripper is paid in Captchas

This stripper is paid in Captchas

Summary: Spammers have a new way around captchas: A virtual stripper who is paid when you fork over scrambled text messages, known as Captchas.The BBC is reporting that a Windows game shows a woman in "a state of undress" when a person correctly types in a Captcha--those squiggly letters you need to type in to conduct your daily Web business.

SHARE:
TOPICS: Windows
13

Spammers have a new way around captchas: A virtual stripper who is paid when you fork over scrambled text messages, known as Captchas.

The BBC is reporting that a Windows game shows a woman in "a state of undress" when a person correctly types in a Captcha--those squiggly letters you need to type in to conduct your daily Web business. Captchas are also known as "Completely Automated Public Turing test to tell Computers and Humans Apart."

In the game, a woman named melissa invictes victims to decipher the text. After a bunch of Captchas you get your payoff and the malicious program gets its way around the Captcha system.

The BBC notes that the program isn't out in the wild, but it could have some legs. The Captcha killer runs on Windows 98, ME, NT, 2000, XP and Server 2003.

Topic: Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • Distributed wetware computing? (nt)

    .
    Henrik Moller
    • RE: Distributed wetware computing?

      Never has the term been so apt.
      johnay
      • touch? (nt)

        exactly
        mmonstre
  • RE: This stripper is paid in Captchas

    Don't they know this will make them go blind?
    rwandering
  • Couldnt capcha block remote linking?

    just a thought.
    Been_Done_Before
    • Proxy servers

      Sure, Yahoo! could block remote linking, but there are millions of open proxies out there that could just relay CAPTCHAs to users.
      genericman
      • Well i guess you would have to change the code on the page then

        Bots have a pattern, you pick it out and kill it. I put a model in place on one of my websites that stopped a bot dead in its tracks and didnt affect the user.

        I dont have a high traffic site, but they did hammer my site server for a few hours until the code was in place. They found a way around it and i adapted one more change to the code.. that new combo hasnt been breached yet.

        Lesson here, there is always a way around these script kiddies, unfortunately you have to stay vigilent(which sucks).
        Been_Done_Before
  • This is not really new.

    This is pretty old news. I've heard about this theoretical "porn site" attack against Captchas for a while. This is, however, the first implementation of the theoretical attack I've heard of.
    CobraA1
    • Yup, I've heard of this many years ago

      Yup, I've heard of this many years ago. It's a great way to get free HI (Human Intelligence) slaves that will pretty much crack any captcha you throw at them. The captchas will let them set up as many free Google or Hotmail accounts as they like using an automated system. They can also spam forums that require captchas to post.
      georgeou
    • Website method is better anyway

      No kidding, cept this is a far less effective method in the form of a windows virus. Websites have been using this for years, usually in order to trick their users to give them referral links and make money thru ad banners.
      PortVista
  • Ah, free enterprise at work!

    You gotta love it!
    itpro_z
  • RE: This stripper is paid in Captchas

    Edit:
    In the game, a woman named melissa <i>invictes</i>...

    change to:
    In the game, a woman named melissa <i>invites</i>...

    Keep up the great work, love your news.
    zdneteditor
  • RE: This stripper is paid in Captchas

    This is genius. So the user unknowingly solves a captcha with a striptease!

    <a href=http://thesillywabbit.com>The Silly Wabbit<a/>
    <a href='http://thesillywabbit.com'>The Silly Wabbit<a/>
    Xavier101