Google ReCAPTCHA Cracked In New Automated Attack

An anonymous reader writes: A trio of security researchers have devised a new automated attack that can break the CAPTCHA systems employed by Google and Facebook. On Google's reCAPTCHA system, researchers recorded a 70.78 percent success rate over 2,235 CAPTCHAs. Average CAPTCHA solving time was 19.2 seconds. They achieved a better success rate on Facebook's system, where they had a success rate of 83.5 percent on over 200 CAPTCHAs, but this was mainly because of higher quality images, and photos were selected from different topics, and were also easier to recognize and classify. For attackers, the whole automated system would cost only $110 a day, per IP address, and would allow them to crack around 63,000 CAPTCHAs in 24 hours from one IP address without being detected and getting banned.

Re:

[AvitarX]

you think 5 a cent on Mechanical Turk?

dammit

[Kkloe]

now how are we going to stop terminator infiltrators at the door when skynet rises

Re:

[Thanshin]

"You're in a desert, walking along in the sand when all of a sudden you look down and see a tortoise. It's crawling toward you..."

Re:

[Big Hairy Ian]

"You're in a desert, walking along in the sand when all of a sudden you look down and see a tortoise. It's crawling toward you..."

Holden: Describe in single words only the good things that come into your mind about... your mother.

Leon: My mother?

Holden: Yeah.

Leon: Let me tell you about my mother.

I fairness to the guy any member of the Palin family would probably have had the same response

Re:

[Anonymous Coward]

know your paradoxes

1. Stand still
2. Remain calm
3. Scream

"This statement is false!"
"New Mission: Refuse this mission!"
"Does a set of all sets contain itself?"

Aperature

Yeah, they screwed up the Barber paradox [wikipedia.org]. :(

Re:

[Thanshin]

1. Stand still
2. Remain calm
3. Scream

Paradox? This looks like standard operational meeting procedure.

Re:

[lgw]

This was played so well in Ghost in the Shell SAC, where the more advanced AIs took out a less advanced AI this way, mocking it for not being able to handle such a simple trick. Tachikomas [wikipedia.org] remain my favorite AIs from all SF, and the story had the best telling of how dealing with rogue military AIs would realistically go (no spoilers).

Captcha cracking using AI is a losing battle

[140Mandak262Jamuna]

Captcha generation can be scaled up quite cheaply and the cracking it automatically does not scale well. But why bother to create a complex system to mimic a human brain, when human brain itself is available for hire for a pittance? You could hire someone in India to manually solve some 30 to 60 captcha an hour for about 100 Rs per hour, or less than $1.50. This method of cracking captcha is unbeatable because, you can not make Captcha more difficult without hampering legitimate users.

Re:

[bhcompy]

Please select all images that reflect different forms of Goku

Re:

[Anonymous Coward]

From the article: "Our completely offline captcha-breaking system is comparable to a professional solving service in both accuracy and attack duration, with the added benefit of not incurring any cost on the attacker." From the researcher paper: "When taking into account the flexibility, 321 (44.3%) of the captchas were solved. The average solving time for the challenges that received a solution was 22.5 seconds. While the accuracy may increase over time as the human solvers become more accustomed to the im

Re:

[140Mandak262Jamuna]

True for the current generation of the captchas. Once google improves its captcha, the cost of upgrading the cracking software and training it would be very high. Human beings, should adapt instantly.

Re:

[wvmarle]

Better use the bot.

It's been a while I've had a ReCAPTCHA to solve, but the stats posted seem much better than my attempts (maybe 30% correct, after numerous reloads to get something I think I can read... so frustrating). Those Indians may get better with practice but those modern day captchas are just getting too hard for normal humans to solve!

Re:

[joboss]

You can crowd source. I've done personal security experiments with this kind of thing. You basically just proxy the captcha and make a frame work for doing that. You have a normal captcha system that before making a captcha first checks a queue of ones already available and uses one of those if present. The user input is forwarded and the response used. If there is nothing in the queue it uses the normal captcha mechanism. Obviously you want some kind of timeout. The bot/s can simply keep getting new captc

Re:

[aliquis]

80% accuracy rate is better than I have with some of them.

Some are simply too hard.

Deep Learning/Neural Net

[wardrich86]

Wouldn't it be neat if Google's very own system was being used to crack their CAPTCHA system?

Re:

[Shawn Willden]

Wouldn't it be neat if Google's very own system was being used to crack their CAPTCHA system?

What's cool is that Google's reCAPTCHA system is being used by Google Maps to improve street address localization, using images of street numbers captured by StreetView cars. People are asked to extract numbers from images that Google's automated number extraction system couldn't get, or wasn't sure about its results. Yes, this means the first few times a given image is presented to a human, the system isn't sure what the correct answer is which means it passes some people/bots it should not, but it also me

Re:

[religionofpeas]

which will simultaneously make Google Maps work better and improve reCAPTCHA.

I don't know if reCAPTCHA will be improved. It will make it harder, for sure, but it's already dangerously close to the point where it's getting too hard for humans.

Re:

[Shawn Willden]

which will simultaneously make Google Maps work better and improve reCAPTCHA.

I don't know if reCAPTCHA will be improved. It will make it harder, for sure, but it's already dangerously close to the point where it's getting too hard for humans.

Perhaps. I don't have any trouble with reCAPTCHAs. I do with other captcha systems, but Google's seems pretty easy for humans to me. So far.

Re:

[wardrich86]

It's been a long time since I've seen a Captcha that wasn't a simple "[ ] I am not a robot" followed by a simple "Click on all the pictures of [FOO]" if it happens to think you might be a robot.

Re:

[Wycliffe]

Yes, this means the first few times a given image is presented to a human, the system isn't sure what the correct answer is which means it passes some people/bots it should not

No, it doesn't. That's why recaptcha always presents you two images. One image is the test where they know the correct answer because X number of people have already told them the correct answer while the other image is the image that they don't yet know the correct answer for. You really only need to know the answer to one of the images to pass but you never know which one. If one of the images is completely unreadable then it is likely that it is the unsolved one so just making something up for that

Hmmm ....

[gstoddart]

So I'm a little rusty on doing shady things on the intertubes which could get me banned ...

For attackers, the whole automated system would cost only $110 a day, per IP address, and would allow them to crack around 63,000 CAPTCHAs in 24 hours from one IP address without being detected and getting banned.

And I would be doing this ... why?

So I can spam Google and Facebook? Really, it's that lucrative that you'd spend $110/day/IP?

I've never even seen a Captcha for Google, and I really have no idea of when you'

Re:

[pla]

I've never even seen a Captcha for Google, and I really have no idea of when you'd see them, or why you'd pay to break them.

If you do a bunch of searches in quick succession, it will occasionally ask you to solve one. Seems kinda random, though, some days I can search for half an hour as fast as I can type without getting one, while others I get a captcha after my third attempt to refine the results.

Re:

[Anonymous Coward]

It's partly related to the search terms aswell. If you use things like site: or inurl: the risk of a captcha is much higher.

Re:

[Anonymous Coward]

And I would be doing this ... why?

If you have to ask, you'll never know...

Re:

[gstoddart]

If you have to ask, you'll never know...

Google has a Room of Requirement?

Oh, man, I never get to have any fun.

Re:

[AvitarX]

My phone uses carrier grade NAT.

I don't know how many devices per an IP, but it seems plausible that thousands could happen.

Cost analysis from article differs from summary

[Hwaguy]

I'm not sure where the the article summary got its notion about the costs. The article doesn't address that- instead it spoke to how much could be made selling the service. From the article:

Assuming a selling price of $2 per 1,000 solved captchas, our token harvesting attack could accrue $104 - $110 daily, per host (i.e., IP address). By leveraging proxy services and running multiple attacks in parallel, this amount could be significantly higher for a single machine.

I think the authors of the article were trying to communicate how much money they could make selling this 'service' to other unsavory agents. It could be a lucrative business given the assumed market rates of $2 per 1k, and the mentioned optimizations could make it even more attractive. It makes me wonder if you could set up the whole thing in a cloud computing environment like AWS and come out ahead.

70% That's better than I can do

[Registered Coward v2]

trying to enter them as a real human being. Seriously, the captcha system is broken because as long as there is a monetary value to breaking it someone will, even if it is simply paying a few cents per capture to break them to a human in some low wage country. The only authentication system I have seen that didn't rely on a separate hardware device for authentication that was worth a damn were those that, rather than requiring a selection or inputing what you see on screen, asked a question that only someone family with the topic would know. For example, I've seen engineering bulletin boards ask for the name of a specific type of beam, automotive ones that ask something unique to the marque, etc. so automating a process to gain entry is not practical. Of course, one you know the answer you can easily create multiple accounts, but these boards also limited posting ability for a set period of time and or required a secondary confirmation before gaining full access to limit the drive by spamming of EXCELLENT QUALITY!!! YOU BUY CHEAP!!! DESIGNER!!! posts.

Re:

[wvmarle]

For example, I've seen engineering bulletin boards ask for the name of a specific type of beam, automotive ones that ask something unique to the marque, etc. so automating a process to gain entry is not practical.

Works mostly due to obscurity and there being millions of tiny boards out there, a single human intervention and it's completely broken.

Re:

[Registered Coward v2]

For example, I've seen engineering bulletin boards ask for the name of a specific type of beam, automotive ones that ask something unique to the marque, etc. so automating a process to gain entry is not practical.

Works mostly due to obscurity and there being millions of tiny boards out there, a single human intervention and it's completely broken.

I concur, which is why the decent ones add in a another layer to try to frustrate the drive by's.

Re:

[Shawn Willden]

The only authentication system I have seen that didn't rely on a separate hardware device for authentication that was worth a damn were those that, rather than requiring a selection or inputing what you see on screen, asked a question that only someone family with the topic would know. For example, I've seen engineering bulletin boards ask for the name of a specific type of beam, automotive ones that ask something unique to the marque, etc. so automating a process to gain entry is not practical.

Nonsense. Those are weaker than the general-purpose ones. They draw on knowledge from a relatively obscure area, but it's very unlikely that they have a wide selection of questions/answers. All you need is a knowledgeable human to work his or her way through the question database providing answers for the bot to use, and it's broken. Of course, the value of creating large numbers of fake accounts on such systems is so small that it doesn't matter. Honestly, their goal probably isn't to keep out bots at all,

Re:

[Registered Coward v2]

The only authentication system I have seen that didn't rely on a separate hardware device for authentication that was worth a damn were those that, rather than requiring a selection or inputing what you see on screen, asked a question that only someone family with the topic would know. For example, I've seen engineering bulletin boards ask for the name of a specific type of beam, automotive ones that ask something unique to the marque, etc. so automating a process to gain entry is not practical.

Nonsense. Those are weaker than the general-purpose ones. They draw on knowledge from a relatively obscure area, but it's very unlikely that they have a wide selection of questions/answers. All you need is a knowledgeable human to work his or her way through the question database providing answers for the bot to use, and it's broken.

While I agree it certainly can be broken, and once an answer is identified it is a very weak system, but then again a bot would have to look for clues in questions and understand context because the even if you have the same words in a question they could have different answers depending on context. A second layer of validation is easier for smaller sites but then they aren't really targets as you point out.

Of course, the value of creating large numbers of fake accounts on such systems is so small that it doesn't matter. Honestly, their goal probably isn't to keep out bots at all, but to make the forum hard for people outside of their target audience to access.

Certainly, most are so obscure they aren't worth the trouble, so making it labor intensive operati

Re:

[war4peace]

I guess you're referring to the "I am not a robot" checkbox?

Re:

[VorpalRodent]

Yes. They refer to this as "NoCaptcha".

Bots can be easily beaten

[fb0r]

Just make the recaptcha a minimum length of twelve characters, use sans serif only and make it consist solely of capital i's and lower case l's.

Re:

[KGIII]

That you, not logged in, Karmashock?

Oh crap...

[Ecuador]

I already have trouble deciphering some captchas, having need for a second (or even third) try in some occasions, which is REALLY annoying. If they make them any harder, I think only bots will be able to solve them and not humans...
Wait, is that the next generation of captcha? You are human if you fail?

Re:

[gstoddart]

Well, it's simple ... hire a bot to solve the captchas for you.

Re:

[operagost]

I already tried to do that, but in order to sign up for the bot, the company made me solve a captcha.

Re:

[gstoddart]

It's bots and capchtas all the way down. ;-)

I'm dyslexic - can I buy a copy of this software?

[Anonymous Coward]

Seriously, I hate the CAPTCHA. I have a very hard tiem reading them. Some site, it takes me 4 or 5 tries to get it right. You hit the "voice" and half the time I cannot understand it. There are many types of dyslexia - they all seem to be gathered under one umbrella diagnosis - but sometiems, for some of us, who mispronounce - mishear the exact same words we mistype and spell

CAPTCHA for people like me who are dyslexic is exactly the same thing as putting child proof/resistant tops on bottles of pain kil

Re:

[KGIII]

Heh... I'm partially colorblind and it appears to be getting worse with age. I can usually still recognize patterns but I have issues with certain colors and various shades. I have, on the other hand, learned to not argue with people when they tell me something is a different color than what I said it was. At first, I thought people were just fucking with me. It wasn't too bad when I was younger but it's not that great now. Blue, gray? Yellow, orange? Red, orange? Fucked if I can be certain. I seriously tho

Robot better than humans

[loufoque]

Those numbers are better than I am at this.