Latest news with #CAPTCHA
Epoch Times
21 hours ago
- Business
- Epoch Times
We've All Clicked One Before, Now Hackers Are Creating Fake CAPTCHAs to Steal Data
Over 2,000 websites globally and nearly 80 small to medium-sized Australian businesses have had their websites compromised by a sophisticated hacking scheme leveraging the familiar CAPTCHA prompt. A new report (
Forbes
24-05-2025
- Forbes
Windows Passwords Are Under Attack — Do These 7 Things Now
Beware these Windows CAPTCHA attacks. SOPA Images/LightRocket via Getty Images Microsoft Windows is always a premier target for cybercriminal actors, and more often than not, passwords are front and center of their campaign payloads. Be it the pray and spray hackers employing automatic password hacking machines, state-sponsored advanced persistent threat groups targeting the enterprise, or even warnings from security researchers about the threat presented by Copilot AI for SharePoint, Windows passwords are the most valuable of low-hanging fruits. Now Trend Micro has confirmed how one particular password threat is making a determined effort to get hold of yours. Here are seven things you need to do to stop your organization being the next victim of the Captcha hackers. The Completely Automated Public Turing test to tell Computers and Humans Apart, thankfully shortened to Captcha, is something that we have all encountered and all have much the same hatred for. Being asked to select squares containing images of bicycles or ticking a checkbox to prove we are not a robot (wouldn't a robot be able to do that?) are largely pointless at the best of times, and downright dangerous at the worst. If AI cannot solve a Captcha more often than not, then, frankly, we have nothing to fear from our robot overlords. What we do have to fear, however, are hackers using Captcha methods to initiate an infostealer malware infection chain that ultimately leads to password compromise. he latest Trend Micro research takes a deep dive into the technical details behind what it refers to as 'a notable surge in fake Captcha cases.' As always, I recommend you go and read that report in full if it is the technical teardown that you are after. The TL;DR, however, is that this wave of fake Captcha attacks is tricking users into pasting malicious commands into the Windows Run dialog, with payloads executed in memory and often employing PowerShell. 'These attacks enable data exfiltration, credential theft, remote access, and loader deployment,' the Trend Micro researchers warned, 'via malware such as Lumma Stealer, Rhadamanthys, AsyncRAT, Emmental, and XWorm.' Yes, Microsoft has just led a global operation to dismantle much of the Lumma Stealer network infrastructure. No, that doesn't mean you are now safe. As one player is disrupted, so others rise to fill the void. 'These campaigns abuse multiple legitimate platforms, including file-sharing services, content and search platforms, music repositories, URL redirectors and document hosts,' Trend Micro said, and those using Windows operating systems where minimal script execution restrictions are employed are most at risk. Microsoft has recommended that 'customers always practice good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers,' as well as 'switching to Passkeys wherever possible and using authentication apps such as Microsoft Authenticator, which warn users about potential phishing attempts.' The Trend Micro report, however, concludes that organizations should apply the following seven mitigations: Of course, if you really care about your Windows passwords, I would also add that opening the Windows Run window by pressing Windows+R, pasting the clipboard's content in the run window using CTRL+V, and then pressing Enter to execute it, isn't the best response to a supposed Captcha text. Think smart and don't do that, OK?
Time of India
04-05-2025
- Business
- Time of India
Duolingo has millions of Indian users, but less than 1% pay: Luis von Ahn, CEO and cofounder
The next time a user-verification test on a website refuses to believe you are human, here's someone you can blame: Luis von Ahn, inventor of CAPTCHA. The man behind arguably one of the most 'annoying' things on the internet—he laughs but disagrees, 'CAPTCHA is annoying, but there are probably more annoying things'—von Ahn has made a career out of defying expectations. He developed CAPTCHA as a graduate student and handed it to Yahoo for free, before going on to teach computer science at Carnegie Mellon University. Von Ahn, who won the MacArthur 'genius' grant at 28, later founded reCAPTCHA and sold it to Google where he also worked. Then he walked away from it all, trading the tech world's surest bet for a risky idea: that learning a language could be as addictive as checking your phone. That gamble became Duolingo, the gamified language-learning app he launched in 2012 that now has more than 130 million monthly active users. In a virtual interview with ET, the CEO and cofounder of Nasdaq-listed Duolingo talks about why the Indian market has been tougher than expected and what about AI keeps him up at night. Edited excerpts: How big is the India business? It's the fifth-largest country for us in terms of users and it is growing quite a bit. We have millions of monthly active users. But in terms of revenue, it's not there yet. In India, there's a real reluctance to pay for the app. Worldwide, 9% of our monthly active users pay to remove ads. In India that percentage is well under 1%. Do you have a strategy to make the Indian user pay? No, but if you have any good ideas, let me know! (Laughs) I come from Guatemala, a relatively poor country where people go through great lengths to not pay: they are okay watching 10 ads in a row just to avoid paying. Over time, this will change, and people will be more okay with digital subscriptions. But at the moment we have geographies that have lower GDP per capita and those are the ones that don't pay—mainly because our free version is good. We have about 12 markets that we pay attention to and India is one of them. We are taking the long view with India. And we expect that over time, we will be able to monetise here. When teaching a language, how do you bring in nuances like sarcasm, humour, etc and what's the role of large language models (LLMs) in that? If you are a beginner, you are not going to understand humour or sarcasm—you're mainly trying to figure out what the word is for 'Hello'. For more advanced users, we do put in those things. Historically, computers were not very good at that. But over the last two years, with LLMs, computers are about as good as humans at all of this—humour, poetry, rhyming, etc. At this point, all our modules are made by computers, and it's about as good as a human teacher. The pace at which AI and LLMs like ChatGPT are developing, they will be a competition soon…. LLMs are already very good at teaching you a language. You can learn a language with ChatGPT, for example. But that doesn't make it a competition for us. The reality is you can learn a language with a book. In fact, you can learn anything from a book—even quantum physics, if you want. What is unique about Duolingo is that we are very good at keeping people engaged. That's the hard part. Sceptics say Duolingo is only good up to a basic point—it won't really help you learn a language. For instance, I am nearing a 2,000-day streak in a French course, but can barely speak the language…. We have data to prove that Duolingo works. The thing is it takes a very long time to learn a language: you need to spend 500 or 1,000 hours. So even with a 2,000-day streak, if you are only spending three minutes a day, it's not going to cut it. You just have to put in the time. You recently had to remove all LGBTQ references in Russia after a warning from the Kremlin. We are seeing something similar now in the US with a lot of companies rolling back DEI policies after Trump. Will we see any such change in Duolingo? No, our values will remain the same. In certain geographies, it's just illegal to do certain things and, of course, we are going to follow the local laws of every country that we operate in. In the US, I am hoping that there will be no laws that get changed for this type of stuff. We are going to continue being who we are as a company. The way AI is evolving, do you see people learning languages 20 years from now? I think so. Look, it is very hard to know what is going to happen in the future, but most of our users fall into two big buckets. Half of them are people learning a language as a hobby. That won't change after AI because it's like playing chess, for example. Computers have been better than humans at chess since 1997, but people still learn chess and play chess. The other half of our users are learning English to upskill. I don't think that is going away anytime soon either. Which bucket do Indians fall in? The second one? They are mainly learning English, yes. What scares you the most about AI? The unknown. We are undergoing a major shift, and I don't know what's going to happen on the other side. It could be that this just ends up being a really useful tool or it could end up taking over everybody's jobs. The positive scenario is AI will just assist us so we can do everything we ever wanted and hand over the unpleasant tasks to AI. The negative scenario is it could very well be that poor countries end up losing a lot of their income streams and they don't have enough to support themselves. It's really hard to say what's going to happen and that to me is the scary part.
Time of India
03-05-2025
- Business
- Time of India
Duolingo has millions of Indian users, but less than 1% pay: Luis von Ahn, CEO and cofounder
The next time a user-verification test on a website refuses to believe you are human, here's someone you can blame: Luis von Ahn , inventor of CAPTCHA. The man behind arguably one of the most 'annoying' things on the internet—he laughs but disagrees, 'CAPTCHA is annoying, but there are probably more annoying things'—von Ahn has made a career out of defying expectations. He developed CAPTCHA as a graduate student and handed it to Yahoo for free, before going on to teach computer science at Carnegie Mellon University. Von Ahn, who won the MacArthur 'genius' grant at 28, later founded reCAPTCHA and sold it to Google where he also worked. Then he walked away from it all, trading the tech world's surest bet for a risky idea: that learning a language could be as addictive as checking your phone. That gamble became Duolingo , the gamified language-learning app he launched in 2012 that now has more than 130 million monthly active users. In a virtual interview with ET , the CEO and cofounder of Nasdaq-listed Duolingo talks about why the Indian market has been tougher than expected and what about AI keeps him up at night. Edited excerpts: #Pahalgam Terrorist Attack Code of war: India and Pakistan take their battle to the (web)front Forex reserves show a pauperised Pakistan, a prospering India Pakistan conducts training launch of surface-to surface ballistic missile How big is the India business? It's the fifth-largest country for us in terms of users and it is growing quite a bit. We have millions of monthly active users. But in terms of revenue, it's not there yet. In India, there's a real reluctance to pay for the app. Worldwide, 9% of our monthly active users pay to remove ads. In India that percentage is well under 1%. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Non perdere tempo a guardare mille siti, usa | Scopri di più Richiedi un preventivo Undo Do you have a strategy to make the Indian user pay? No, but if you have any good ideas, let me know! (Laughs) I come from Guatemala, a relatively poor country where people go through great lengths to not pay: they are okay watching Live Events 10 ads in a row just to avoid paying. Over time, this will change, and people will be more okay with digital subscriptions. But at the moment we have geographies that have lower GDP per capita and those are the ones that don't pay—mainly because our free version is good. We have about 12 markets that we pay attention to and India is one of them. We are taking the long view with India. And we expect that over time, we will be able to monetise here. When teaching a language, how do you bring in nuances like sarcasm, humour, etc and what's the role of large language models (LLMs) in that? If you are a beginner, you are not going to understand humour or sarcasm—you're mainly trying to figure out what the word is for 'Hello'. For more advanced users, we do put in those things. Historically, computers were not very good at that. But over the last two years, with LLMs, computers are about as good as humans at all of this—humour, poetry, rhyming, etc. At this point, all our modules are made by computers, and it's about as good as a human teacher. The pace at which AI and LLMs like ChatGPT are developing, they will be a competition soon…. LLMs are already very good at teaching you a language. You can learn a language with ChatGPT, for example. But that doesn't make it a competition for us. The reality is you can learn a language with a book. In fact, you can learn anything from a book—even quantum physics, if you want. What is unique about Duolingo is that we are very good at keeping people engaged. That's the hard part. Sceptics say Duolingo is only good up to a basic point—it won't really help you learn a language. For instance, I am nearing a 2,000-day streak in a French course, but can barely speak the language…. We have data to prove that Duolingo works. The thing is it takes a very long time to learn a language: you need to spend 500 or 1,000 hours. So even with a 2,000-day streak, if you are only spending three minutes a day, it's not going to cut it. You just have to put in the time. You recently had to remove all LGBTQ references in Russia after a warning from the Kremlin. We are seeing something similar now in the US with a lot of companies rolling back DEI policies after Trump. Will we see any such change in Duolingo? No, our values will remain the same. In certain geographies, it's just illegal to do certain things and, of course, we are going to follow the local laws of every country that we operate in. In the US, I am hoping that there will be no laws that get changed for this type of stuff. We are going to continue being who we are as a company. The way AI is evolving, do you see people learning languages 20 years from now? I think so. Look, it is very hard to know what is going to happen in the future, but most of our users fall into two big buckets. Half of them are people learning a language as a hobby. That won't change after AI because it's like playing chess, for example. Computers have been better than humans at chess since 1997, but people still learn chess and play chess. The other half of our users are learning English to upskill. I don't think that is going away anytime soon either. Which bucket do Indians fall in? The second one? They are mainly learning English, yes. What scares you the most about AI? The unknown. We are undergoing a major shift, and I don't know what's going to happen on the other side. It could be that this just ends up being a really useful tool or it could end up taking over everybody's jobs. The positive scenario is AI will just assist us so we can do everything we ever wanted and hand over the unpleasant tasks to AI. The negative scenario is it could very well be that poor countries end up losing a lot of their income streams and they don't have enough to support themselves. It's really hard to say what's going to happen and that to me is the scary part.
