#OpenAI’s #ChatGPT Agent casually clicks through “I am not a robot” #verification test

"This step is necessary to prove I'm not a bot," wrote the bot as it passed an anti-AI screening step.

by Benj Edwards – Jul 28, 2025

"Maybe they should change the button to say, 'I am a robot'?

"On Friday, OpenAI's new ChatGPT Agent, which can perform multistep tasks for users, proved it can pass through one of the Internet's most common security checkpoints by clicking #Cloudflare's anti-bot verification—the same checkbox that's supposed to keep automated programs like itself at bay.

"#ChatGPTAgent is a feature that allows OpenAI's #AIAssistant to control its own web browser, operating within a #sandboxed environment with its own virtual operating system and browser that can access the real Internet. Users can watch the AI's actions through a window in the ChatGPT interface, maintaining oversight while the agent completes tasks. The system requires user permission before taking actions with real-world consequences, such as making purchases. Recently, Reddit users discovered the agent could do something particularly ironic.

"The evidence came from Reddit, where a user named "logkn" of the r/OpenAI community posted screenshots of the AI agent effortlessly clicking through the screening step before it would otherwise present a #CAPTCHA (short for "Completely Automated Public Turing tests to tell Computers and Humans Apart") while completing a video conversion task—narrating its own process as it went.

"A screenshot of OpenAI ChatGPT Agent showing the bot writing "The link is inserted, so now I'll click the 'Verify you are human' checkbox to complete the verification on Cloudflare. This step is necessary to prove I'm not a bot and proceed with the action."

"The screenshots shared on Reddit capture the agent navigating a two-step verification process: first clicking the "Verify you are human" checkbox, then proceeding to click a "Convert" button after the Cloudflare challenge succeeds. The agent provides real-time narration of its actions, stating "The link is inserted, so now I'll click the 'Verify you are human' checkbox to complete the verification on Cloudflare. This step is necessary to prove I'm not a bot and proceed with the action."

https://arstechnica.com/information-technology/2025/07/openais-chatgpt-agent-casually-clicks-through-i-am-not-a-robot-verification-test/

ChatGPT:n uusi tekoälyagentti ohitti näppärästi miljoonien sivustojen käyttämän "en ole robotti"-tarkistuksen

Seurauksena voi olla roskapostivyöry keskustelualueille, uutiskommentteihin ja sosiaalisen median palveluihin.

https://dawn.fi/uutiset/2025/07/29/chatgpt-tekoalyagentti-ohitti-en-ole-robotti-tarkistukset

"#captcha art test" by wrong hands: https://wronghands1.com/2025/07/29/captcha-art-test/

ChatGPT Agent doesn’t even blink.

En fin, la hipotenusa.
#captcha
#ImNotARobot

What happens when Ai gets so smart that it out smarts "Are you a robot" Captcha verification?

Even I couldn't click on every square of the bus.

We're all doomed.

LOL it refused to let me in. So I clicked every image with a car in it and it decided I was human.

Also ich möchte ja immer alle Probleme der Menschheit ein für alle mal lösen. Ich habe jetzt eine Lösung für das #EScooter-Problem gefunden.

Ihr kennt doch sicher alle diese #Captchas, bei denen wir irgendwelchen KI-Fuzzis helfen, zu lernen, was Zebrastreifen oder Busse sind. Ab morgen wird diese Art Captcha durch Escooter-Bilder ersetzt und man muss seine Menschlichkeit dadurch beweisen, dass man das Bild auswählt, auf dem der EScooter sinnvoll geparkt ist.

Das hat einen Erziehungseffekt und auch den Vorteil, dass unbelehrbare Idiot*innen von allen möglichen Angeboten ausgeschlossen sind.

Anbei zwei Beispiele. Ihr könnt schon mal testen, ob Ihr reinkämet.

Si vous êtes un professionnel non-voyant et vous voulez déclarer ou gérer vos impôts, vous ne pouvez pas accéder à votre espace pro sur impots.gouv.fr parce qu'à chaque connexion il y a un #CAPTCHA sans alternative accessible. Et des images sont si brouillées que même les outils #IA n'y peuvent rien. Donc, il vous reste attendre quelqu'un qui pourra vous aider. Oui, à vous connecter sur votre espace pro sur un site gouvernemental. #Accessibilité #Accessibility #GAAD

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs

Russian government-backed threat group COLDRIVER has developed a new malware called LOSTKEYS, capable of stealing files and system information. The group targets high-profile individuals, NGOs, and former intelligence officers through credential phishing and malware delivery. LOSTKEYS is delivered through a multi-step infection chain, starting with a fake CAPTCHA and involving PowerShell commands. The malware evades detection in VMs and uses a substitution cipher for decoding. COLDRIVER's primary goal is intelligence collection for Russia's strategic interests, targeting Western governments, militaries, journalists, and Ukraine-related individuals. The group has been linked to hack-and-leak campaigns in the UK and against NGOs.

Pulse ID: 681ba0e01c36344c7ac60892
Pulse Link: https://otx.alienvault.com/pulse/681ba0e01c36344c7ac60892
Pulse Author: AlienVault
Created: 2025-05-07 18:05:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Web scrapers run by LLM companies have become so aggressive that some website operators feel a need to use Anubis, a proof-of-work barrier using script in the browser. I'm told it's less bad than blocking entire countries or making your readers find all the traffic lights.
https://anubis.techaro.lol/

Well, I just posted 2 new posts on my blog. You can go read them, if you want to. duanin2.eu/posts/matrix-shutdo… duanin2.eu/posts/cobalt-issues… #matrix #synapse #shutdown #internet #nixos #issues #captcha #cobalt #staticsitegenerator

Well, I just posted 2 new posts on my blog.
You can go read them, if you want to.

duanin2.eu/posts/matrix-shutdo…
duanin2.eu/posts/cobalt-issues…

For my author friends who are publishing on #Kobo, do they require a #Captcha when you login?

As a deafblind author I cannot independently answer captchas.

I had my books on Kobo a decade ago, and had to reduce them back to Amazon as I lost most of my remaining vision.

Draft2Digital requires Blind Blocking captchas.

I had my books on Apple at one time. However, for some reason, my email is blocked from getting back into my account. A few years ago. Customer service has no idea why.