I have a phpbb2 message board that I run and I was getting boatloads of spam. Adding in the default captcha did not reduce the spam in the slightest. That is, it was completely, 100% broken, contrary to your assertion that it isn’t being used in the wild.
I ended up adding a single extra required field and that blocks out 99.99% of the spam. I’ve gotten maybe 2 or 3 spams since implementing it. It’s not even a question. And it’s not even a picture. It’s just a field in the form that says “please type 1234 here”.
I think the key isn’t captcha, per se, but just being different. Security through obscurity in a sense. There’s no benefit for some spammer to fix his script to handle my dorky custom web forum. But there’s a huge benefit to cracking the default phpbb2 captcha algorithms because most users are going to just use the defaults.
-David