[ImPostingOnHN]

this is done by some darknet sites running tor hidden services on generated onion domains, for similar reasons:

https://shufflingbytes.com/posts/ripping-off-professional-cr...

[joskvw]

That's a really good post, interesting read. This is similar in some ways but I don't see how their approach protects the user from more advanced attacks (an attacker could still swap the captcha).