Outsource Captcha Bypassing by Hackers Easily

Cybercrime groups are now utilizing cheap labor in order to break into social networking sites like Facebook and take advantage of the huge user base for their identity theft scams and other Cyber security threats.


Most online services use Captcha as a means of defense against hackers. Captcha forces human users to recognize deliberately distorted characters or letters, or solve simple mathematical equations in order to complete application forms online. The latest advances in captcha technology have their characters or symbols so well-hidden that most bots cannot overcome them.


Cyber hackers abuse low wage people for bypassing Captcha messages

To beat this mechanism, cybercrime now utilizes the services of Captcha breaking groups.

In developing countries all over the world, people are being recruited online and are working long shifts deciphering Captcha sequences.

The “outsourcing” groups are often paid only half a cent to a cent for each piece of Captcha they interpret. Often these breakers do not receive direct contact with hackers but rather are organized by coordinators.

Using the deciphered answers, bots used by hackers have been able to create a flood of user accounts in various social networking sites to use in victimizing other users.


Due to botnet infections forcing spam, up to 90% of email traffic is just spam.

The social networking community may face similar problems as their ever-increasing user membership attracts all sorts of scammers looking to recruit machines into their botnets or steal personal information under the guise of peddling fake products and services.

In fact, many of the old tricks used by hackers in tricking people through spam email are now being used in social networks, such as using misleading URLs leading to download sites for malware.


An example of malware which may have benefited from Captcha breaking group is a worm proliferating in MySpace and Facebook named Koobface.

This worm attempts to get users to click on a link to what is supposed to be a YouTube video.

Upon clicking on the URL, it informs the user that it needs to upgrade Flash Player in order to view the video.

Clicking the download link installs Koobface and will then proceed to automatically search out all of the user’s contacts in Facebook and MySpace and send a copy of the message and the download link to the worm.

Subsequent infection will note that they received the message from one of their confirmed friends instead of a rogue account.


The worm can also copy parts of cookies in the infected user’s machine in order to locate accounts in other social networking sites such as Friendster, LiveJournal, Hi5 and others. The worm is also extremely flexible and can quickly adapt into new forms, with over 20,000 observed variations.