Hackers Use ‘Greasy Opal’ to Fake 750 Million Microsoft Accounts

Greasy Opal, a Czech-based cybersecurity firm, is a significant threat due to its ability to rapidly develop machine learning models for various CAPTCHA challenges, which are sold to a broad range of clients, including malicious actors and competing CAPTCHA-solving services. 

By providing the tools needed to bypass CAPTCHA protections, it enables attackers to easily launch large-scale bot attacks aimed at compromising legitimate user accounts and creating fraudulent ones.

A new CAPTCHA-solving tool, Greasy Opal, has emerged as a threat to enterprise and government online security, offering a low-cost, highly efficient bot-powered CAPTCHA bypass at scale, allowing malicious actors to circumvent account security measures. 


Greasy Opal boasts recognition speeds up to 10x faster than existing solutions like AntiGate, RuCaptcha, and DeCaptcher, making it an easy and flexible option for attackers who want to automate CAPTCHA solving at scale. The risk is significant, as detailed in a list of high-profile targets that includes government institutions and organizations.

A conglomerate offering CAPTCHA-solving, SEO-boosting, and social media automation services has become a hub for malicious activities. Its tools, often used for spam and malware delivery, enable attackers to efficiently deploy sophisticated bots. 

For example, Storm-1152, a Vietnam-based threat actor group, utilized Greasy Opal to create 750 million fake Microsoft accounts. 


Microsoft’s Digital Crimes Unit has repeatedly disrupted Storm-1152’s operations, seizing control of its domains and hindering its malicious activities.

Researchers have found Greasy Opal to be a crucial component in browser automation ecosystems, particularly Bablosoft’s BAS, which simplifies attack creation for less skilled attackers.

Greasy Opal is being used for a range of attacks, from harmless to severe, targeting industries like social media, forums, gaming, banking, and gig economy companies.

It leverages advanced OCR and machine learning by training its models on extensive datasets, including crowd-sourced labeled images, to accurately decipher text-based CAPTCHAs, even those with distortions or noise. 

The service continually updates its models to adapt to new CAPTCHA variations, making it a valuable resource for attackers seeking to circumvent anti-bot measures.

ACTIR is proactively addressing the ongoing Greasy Opal attack by implementing advanced AI-resistant CAPTCHAs and conducting in-depth analysis of Greasy Opal’s ML models to identify vulnerabilities and develop countermeasures. These efforts aim to neutralize the threat posed by Greasy Opal and protect Arkose Labs customers from ongoing attacks.

Greasy Opal, a sophisticated cyberattack enabler, leverages OCR and AI, coupled with crowd-sourced model training, to pose a significant threat to businesses. Despite its CPU-based architecture limiting scalability, its cheap and accessible nature makes it a popular choice for attackers. 

Companies should prioritize robust bot management security, incorporating proof-of-work, modern CAPTCHA, and AI-resistant challenges to mitigate the risks posed by Greasy Opal’s AI-built bots, which can easily bypass traditional CAPTCHAs. 
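
The proof-of-work measure recommended above, as an added example that is not from the article or from Arkose Labs: a hashcash-style challenge that the server issues statelessly (HMAC-signed), binds to one session, expires, and accepts only once. All names, the 120-second lifetime and the colon-free `client_id` are assumptions made for illustration.

```python
import hashlib, hmac, os, time

SECRET = os.urandom(32)   # assumption: per-process key; share it across nodes in production
TTL = 120                 # assumption: seconds a challenge stays valid

def _sig(body: str) -> str:
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()

def _zero_bits(challenge: str, nonce: int) -> int:
    """Leading zero bits of SHA-256(challenge:nonce)."""
    d = hashlib.sha256(f"{challenge}:{nonce}".encode()).digest()
    return len(d) * 8 - int.from_bytes(d, "big").bit_length()

def issue_challenge(client_id: str, bits: int, now=None) -> str:
    """Server: signed, stateless challenge. Raise `bits` for suspicious traffic."""
    now = int(time.time() if now is None else now)
    body = f"{client_id}:{bits}:{now}:{os.urandom(8).hex()}"
    return f"{body}:{_sig(body)}"

def solve(challenge: str) -> int:
    """Client: brute-force a nonce; costs about 2**bits hashes on average."""
    bits = int(challenge.split(":")[1])
    nonce = 0
    while _zero_bits(challenge, nonce) < bits:
        nonce += 1
    return nonce

def verify(challenge: str, nonce: int, client_id: str, seen: set, now=None) -> bool:
    """Server: a single hash checks work that cost the client many."""
    now = int(time.time() if now is None else now)
    try:
        cid, bits, issued, salt, sig = challenge.split(":")
        bits, issued = int(bits), int(issued)
    except ValueError:
        return False                                   # malformed
    body = f"{cid}:{bits}:{issued}:{salt}"
    if not hmac.compare_digest(sig.encode(), _sig(body).encode()):
        return False                                   # forged or difficulty tampered
    if cid != client_id or now - issued > TTL or challenge in seen:
        return False                                   # wrong session, expired or replayed
    if _zero_bits(challenge, nonce) < bits:
        return False                                   # work not done
    seen.add(challenge)                                # single use
    return True
```

Because the difficulty is inside the signed body, a client cannot lower it, and the per-request CPU cost falls hardest on high-volume automation rather than on a single legitimate sign-up.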

Kaaviya is a Security Editor and fellow reporter with Cyber Press. She is covering various cyber security incidents happening in the Cyber Space.