
Digital safety starts here for both commercial and personal use...

Defend Your Business Against the Latest WNY Cyber Threats. We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deal daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS' DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals

Summary:
A previously undiscovered group, dubbed "Greasy Opal," has been found aiding cyber attackers by providing CAPTCHA-solving services and other tools to bypass security measures. This group, based in the Czech Republic and active since 2009, was recently identified by Arkose Cyber Threat Intelligence Research after its tools were used in attacks on Arkose Labs' customers. Greasy Opal offers a variety of products, including legitimate software and controversial tools like SEO-boosting software, browser automation services, and a CAPTCHA-bypassing tool. Their CAPTCHA-solving tool is reportedly ten times more efficient than other solutions, contributing to the group’s estimated 2023 revenue of $1.7 million.

The group's sophisticated infrastructure leverages advanced optical character recognition and machine learning technologies, enabling it to quickly adapt to new CAPTCHA variations. Hundreds of attackers, including groups like Vietnam-based Storm-1152, have used Greasy Opal's software in large-scale attacks, such as creating 750 million fake Microsoft accounts.


Security Officer Comments:
The group’s customer base includes numerous individual attackers, as well as notable entities such as Vietnam-based Storm-1152. ACTIR researchers observed Storm-1152 using Greasy Opal’s tools in a campaign that generated 750 million fake Microsoft accounts. This campaign was initially disrupted by the Microsoft Digital Crimes Unit in December 2023, but Storm-1152 reconstituted in January 2024, prompting further action by Microsoft and ACTIR in August 2024. Another prominent user of Greasy Opal’s tools is Bablosoft, a provider of browser automation software. Bablosoft’s Browser Automation Suite (BAS) integrates Greasy Opal’s toolkit, offering malicious actors a user-friendly interface with fingerprint databases and drag-and-drop capabilities for launching attacks. ACTIR researchers noted that when Greasy Opal and BAS are used together, even attackers with low technical skills can execute effective attacks.

Suggested Corrections:
Despite the efficiency and low cost of Greasy Opal's technology, ACTIR noted a significant weakness: its reliance on outdated CPU-based hardware, making it more vulnerable to modern countermeasures. Arkose Labs recommended that companies review the report’s appendix to see if their names are listed, as this could indicate they are being targeted using Greasy Opal’s tools:

https://www.arkoselabs.com/resource/dossier-greasy-opal-greasing-skids-cybercrime/

Link(s):
https://www.infosecurity-magazine.com/news/captcha-solving-cybercriminals/
https://www.arkoselabs.com/resource/dossier-greasy-opal-greasing-skids-cybercrime/