Cloudflare says new hCaptcha bypass doesn’t impact its implementation

Found on The Record on Monday, 03 May 2021
Browse Internet

Academics said their attack worked with a 95.93% accuracy rate and took around 18.76 seconds on average to crack an hCaptcha challenge.

But while machine learning-based attacks on image-based CAPTCHA solutions have been discovered before, the major breakthrough in this paper is that the research team achieved this with minimal computational resources — with the attack rig consisting of a simple Docker container running Ubuntu OS, configured with a 3-core CPU and only 2GB of memory.

As soon as spammers set up systems that solve Captchas with 95.93% accuracy, it will become a problem for Cloudflare.