Gotcha, CAPTCHA! Gmail bot detector system cracked

By Jacqui Cheng | Published: February 26, 2008 - 01:41PM CT
ARS Technica

The Gmail CAPTCHA has been cracked—albeit not easily—raising new concerns about spammers' ability to abuse Google's e-mail services. Websense Security Labs pointed out the security breach late last week, noting that spammers have a lot to gain by being able to use bots to automatically sign up for new accounts.

Google's free e-mail services and a highly-desirable gmail.com domain—one that is unlikely to be blacklisted by anybody's spam filters—are just two of the features that induced spammers to crack the CAPTCHA and have bots do all the work. On the upside, it apparently wasn't easy—Websense says that it required two bot hosts to crack instead of just the one that recently cracked Windows Live Mail's CAPTCHA (Websense believes that the same group was involved with both).  [Comments...]