A CAPTCHA breaking infrastructure is used to register new accounts with Blogger, as shown below.
According to the post, the infrastructure is very sophisticated:
- The time between grabbing a CAPTCHA and breaking it is less than three minutes (most of the time just a few seconds!)
- Due to the way how Koobface’s infrastructure works, it’s possible to break hundreds of CAPTCHA per minute!
- In this way it’s possible to register thousands of fake bit.ly/Blogspot accounts per day
The author wonders if the security industry is placing too much faith in CAPTCHAs.