Cybersecurity experts have reported discovering an threat actor selling CAPTCHA-solving services to its customers.
Arkose Cyber Threat Intelligence Research (ACTIR) says the Greasy Opal group is allegedly based in the Czech Republic and has, in the past decade and a half, sold all kinds of software, both legitimate and illegal. However, it drew the attention of the researchers with the CAPTCHA-solving tool.
CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It’s a type of challenge-response test used to determine whether the user is human or a bot. CAPTCHAs are designed to prevent automated software (bots) from doing things like creating accounts, sending email, accessing secure websites, and similar. If you opened at least one website in the last half a decade, you probably saw a CAPTCHA. It is usually a grid of up to nine images, in which the user is asked to select a few similar ones. There are different variants, though.
“Notably fast”
According to ACTIR, Greasy Opal’s tool is a “notably easy, fast, and flexible tool for the automatic recognition of a wide array of CAPTCHAs.”
“Greasy Opal positions its service as enhancing recognition velocity significantly (up to 10 times faster) and is therefore a replacement for competitive CAPTCHA-solving solutions,” such as AntiGate, RuCaptcha, or DeCaptcher, the researchers said.
The tools Greasy Opal offers are apparently bundled, and cost $70 to acquire. Furthermore, there is an additional $10 monthly subscription. Finally, those with deeper pockets can shell out an additional $100 to upgrade to the beta version and get the latest bells and whistles.
A bundle that includes all of Greasy Opal’s tools costs $190, with the additional $10 subscription fee. The researchers believe Greasy Opal raked in at least $1.7 million last year.