sweetCAPTCHA Service Security Alert

Who is affected? Websites that use the sweetCAPTCHA service

Solution: Remove sweetCAPTCHA from website. If you are a website viewer, ignore links or popups that may appear after using the sweetCAPTCHA service. Do not download anything from the links and ignore the pop-up messages.

SweetCATPCHA is a service that uses images instead of distorted characters to make sure that someone is a person instead of robot. SweetCAPTCHA is found on many website platforms including thousands of WordPress installations. However, there have been recent reports of this graphic appearing where sweetCAPTCHA has been in use:

False image alert

The resulting investigation showed that the sweetCAPTCHA code included Javascript that loaded the banner. Unfortunately, this code was not added maliciously, but with intent from the developers of sweetCAPTCHA. The addition of this code is covered in their Terms of Use

5.2 You acknowledge that within the sweetCAPTCHA service and/or sweetCAPTCHA API, There might be included 3rd party content which will be displayed for the purpose of user interaction. This content might include but will not be limited to ads, banners, links, search engine input fields and etc.

Malicious clktag in JavaScript

Recent investigation of the sweetCAPTCHA code has found the use of clktags which lead to popups, and several links that could install malware and viruses onto your computer. If you do see those links, make sure to ignore and never download anything from them.

Other Malicious Scripts

If you do use other services like sweetCAPTCHA, make sure to closely read through their Terms of Use, and review the operation of the service over a period of a time. There are definitely other malicious scripts in services both intentional and unintentional. Common services like extensions, add-ons and plugins include sliders, site meters, etc. that can contain scripts. If you select a product, make sure to check the community to see if other users have reported any problems and always keep a close eye on your website to make sure that nothing unexpected is occurring.

This issue is not restricted to website owners, it’s also a problem for website viewers. Malicious scripts can be hidden in advertising in websites. Always make sure to practice safe web browsing habits. If you use reputable malware scanners, make sure to keep them up-to-date.

What do I do for the sweetCAPTCHA issue?

  • Remove sweetCAPTCHA – at least until they remove the services and amend their Terms of Use
  • Be wary of any service you purchase and use for your website
  • If you’re adding code that’s not yours, make sure to review the terms of use

For more information, please see this SucuriBlog post.

AC
Arnel Custodio Content Writer I

As a writer for InMotion Hosting, Arnel has always aimed to share helpful information and provide knowledge that will help solve problems and aid in achieving goals. He's also been active with WordPress local community groups and events since 2004.

More Articles by Arnel

Was this article helpful? Join the conversation!