Menu Close

Researcher Defeats reCAPTCHA with Google’s Speech-to-Text API!

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

An old attack method dating to 2017 that uses voice-to-text to bypass CAPTCHA protections seems to still work on Google’s latest reCAPTCHA v3.

A Researcher used an old unCAPTCHA trick against latest the audio version of reCAPTCHA, with a 97% success rate.

That is says researcher Nikolai Tschacher, who posted a video proof-of-concept (PoC) of the attack on Jan. 2.

CAPTCHA, introduced in 2014, is an acronym for Completely Automated Public Turing Test to Tell Computers & Humans Apart.

ReCaptcha is Google’s name for its own technology & free service that uses image, audio, or text challenges to verify that a human is signing into an account.

Free of Charge

It is a bit of code available free of charge from Google for accounts that handle less than 1m queries per month. Google recently started charging for larger reCAPTCHA accounts.

“The idea of the attack is very simple: You grab the MP3 file of the audio reCAPTCHA & you submit it to Google’s own speech-to-text API,” Tschacher wrote. “Google will return the correct answer in over 97% of all cases.”.

The report includes a video showing how Tschacher’s bot works. He added that this attack method works on even the latest version, reCAPTCHA v3.

Tschacher pointed out that his bot would not be easy to exploit at scale for 3 specific reasons: Google rate-limits audio CAPTCHA access; Google is likely tracking bot metrics; & it creates a fingerprint of each browsing device to stop bots.

Turing Test

“But still, we are approaching a point in time were the Turing Test can be solved by advanced AI, thus making CAPTCHAs harder & harder to implement,” Tschacher explained.

“CAPTCHAs will be replaced by passive AI that collects all kinds of data to constantly determine of the browsing signal appears to be human or not. The decision will be based on browsing fingerprint, JavaScript user
interaction events such as mouse movements & key presses & IP-address metadata.”


The idea of using speech-to-text against CAPTCHA protections was 1st introduced in 2017 by researchers at the University of Maryland, who then reported they “achieved 85% accuracy” with the tech they dubbed “UnCAPTCHA.”

Google responded with improved browser automation detection & the use of spoken phrases instead of numbers, according to the researchers’ GitHub reports. But by June 2018 researchers found the latest reCAPTCHA was easier to trick that its predecessor.

“Thanks to the changes to the audio challenge, passing reCAPTCHA is easier than ever before.

The code now only needs to make a single request to a free, publicly available speech to text API to achieve around 90% accuracy over all CAPTCHAs,” according to the GitHub findings from the University of Maryland team.


They explained that reCAPTCHA was designed to block Selenium browser automation engines, while “unCAPTCHA2 uses a screen clicker to move to certain pixels on the screen & move around the page like a human,” the researchers continued.

“There is certainly work to be done here — the coordinates need to be updated for each new user & is not the most robust.”

The report added that the reCAPTCHA bug was reported to Google in June 2018, & they okayed the release of the unCAPTCHA2 code.

Not be Updated

“UnCAPTCHA2, like the original version, is meant to be a PoC,” the report’s disclaimer added. “As Google updates its service, this repository will not be updated. As a result, it is not expected to work in the future, & is likely to break at any time.”

Now Tschacher appears to have come up with what could be called unCAPTCHA3, except now he suggested he can achieve a 97% success rate, instead of the original 85% reported in 2017.

Is CAPTCHA Secure?

“There has always been a game of cat-&-mouse between barriers like CAPTCHA and reCAPTCHA,  workarounds that attackers seeking automation employ,” Oliver Tavakoli, Vectra CTO explained.

“This is a clever approach in that it uses an alternate scheme made available for visually impaired people to de-fang reCAPTCHA – & using Google’s own speech-to-text API adds a bit of irony to the workaround. Hard to see how to supply support for the visually impaired without making reCAPTCHA a lot easier to game.”


But according to Dirk Schrader, Global VP with New Net Technologies, there is not a ready replacement for widespread replacement of CAPTCHAs & that even if there was an easy swap to be made, the reality is that no single technology can replace good cyber-security controls.

“This research could also be titled ‘Machines tricking Machines.’” Schrader observed. “It’s proof that no technology, & no application, is safe forever & the need for security of systems is based on core controls like change control & vulnerability management is reconfirmed.”

Reliable Tool

He added that CAPTCHA has been a reliable tool in separating machines from humans & might just need a bit of ‘tweaking’ to keep up.

“The fact that one Google ‘machine’ is used against the other just adds the fun factor to the story,” Schrader commented. “CAPTCHA has long been seen as a pain, however, so far has proven to be a fairly good instrument to distinct human from machine interaction.”

Virtual Conference January 2021


More To Explore

Community Area


Home Workouts


spaghetti Bolognese