I can't say I've engaged in much Steam trading and by "much", I mean "any", but for some gamers on Valve's distribution service, I imagine it's a very engaging activity. And a popular one too... so popular in fact, malware is getting in on the action and forced the developer to add a layer of protection to the trading process in the form of CAPTCHA verification.
In a statement on the official trading cards group, Valve's John Cook posted the following a few hours ago:
We're updating trading to include a captcha as part of confirmation process. This is to prevent malware on users' machines making trades on their behalf. We know it's a bit of a hassle, and we don't like making trading harder for users, but we do expect it to significantly help customers who are tricked into downloading and running malware from losing their items.
Cook goes on to say that Valve recognises that there are some "third-party trading services" in operation and that the change would have completely broken them. As such, Valve has made some special exclusions so that "they can continue to function". For those not included in this exclusion list, well, they're going to run into some issues, especially if their services are mostly automated.
Comments to the post suggest that the CAPTCHA implementation has a few bugs to work out, with some users unable to trade at all, or encountering crashes when trading using the Steam client. There's also debate as to the effectiveness of the change, though I'm assuming it was a big enough problem that Valve felt the need to act and that CAPTCHA was the best option.
Trading updates [Steam]