In 2017, few researchers of the University of Maryland found a Google reCaptcha exploit. The exploit that they found using the mechanism of the speech to text. It was used to overcome any type of any sort of audio issues that the Google ReCaptcha created at it. It made it possible for these automated scripts to then bypass any type of such kind of these barriers. It was so-called Uncaptcha, and afterward that, Google patched it.
In 2019 then, the editing of the original type of exploit was done. It was then dubbed as with the name, Uncaptcha 2. It was then up and working again with a proof-of-concept scheme. However, it also stopped working after a while and no updates furthermore were done to deal with the flaws.
Researchers have stated that the idea of the attack is to grab the MP3 file of the audio reCAPTCHA and then submit it to Google’s Speech to Text API. In simpler terms, if a non-techy guy has to understand what the flaw is, it is simply that Google ReCaptcha has this flaw where it lets the bots be able to bypass the audio captcha challenge which should be not possible in the very first step of the scenario.
Unfortunately, this same kind of flaw has been rising again and again over this period. So Google needs to tie all those loose ends and solve this issue at once.
