CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) have been by far the most popular way to distinguish real humans from nasty spam bots.
But cracks have already appeared in the system, and it is only a matter of time before CAPTCHAs are overwhelmed and defeated. Back in March 2008, we reported that hackers had beaten Google's CAPTCHA and that others were employing humans to circumvent CAPTCHAs.
Now Websense has published a very long article on how spammers have cracked Microsoft's Live services CAPTCHAs and are not only signing up and creating random Hotmail accounts but also using these accounts to send spam through the genuine, live Hotmail service.
Hotmail, like other popular webmail services, is unlikely to be blacklisted because it is so popular, and the fact that there are so many legitimate Hotmail accounts makes it even more difficult to track down potential spammers.
Although the process (which requires a Trojan to be installed on a compromised PC first) is hit and miss, even a low success rate of 10 percent is enough to bring in a tidy profit for spammers.
According to Websense, it takes only a few seconds to guess the CAPTCHAs, which means that in one day a single bot can capture at least 1440 correct accounts.