
A sophisticated spam tool called AkiraBot has targeted over 400,000 websites since September 2024, according to SentinelLABS.
It has successfully spammed at least 80,000 websites, promoting dubious Search Engine Optimization (SEO) services through AI-generated messages.
AkiraBot is a Python-based framework designed to exploit contact forms and live chat widgets of small to medium-sized business websites.
SentinelLABS reported that AkiraBot’s use of dynamic AI-generated messages and CAPTCHA bypass scripts makes it harder for traditional spam filters to detect.
It leverages OpenAI’s GPT-4o-mini model to create outreach messages tailored to a site’s content. The framework’s modular design enables CAPTCHA bypass, proxy use, and message uniqueness, increasing its success rate.

The use of services like Capsolver, FastCaptcha, and NextCaptcha adds another layer of sophistication to its attacks.
As technology advances, AkiraBot represents a significant evolution in spam campaigns. It uses AI to craft unique messages that evade spam filters and security measures. This poses serious challenges to website owners and cybersecurity defenders globally.
SentinelLABS analyzed AkiraBot’s archives and identified a consistent operator using Windows Server systems. The tool initially targeted Shopify-based sites but now includes GoDaddy, Wix, and Squarespace platforms.
AkiraBot’s GUI allows operators to run multi-threaded attacks across numerous sites simultaneously.
Each version uses one of two OpenAI API keys and the same proxy credentials. Proxy services, notably SmartProxy, help disguise the bot’s origin and avoid IP-based blocking.
Website owners are advised to strengthen their anti-spam defences, including CAPTCHA upgrades and network anomaly monitoring.
Hosting providers and proxy services must also monitor for abuse of their infrastructure.
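As an added illustration of the anomaly monitoring advised above (this is not code from SentinelLABS or from AkiraBot), the Python sketch below runs three checks over a constructed contact-form log. It shows why per-IP rate limits and duplicate-text filters miss traffic that rotates proxies and sends a unique message each time, while form-fill timing combined with endpoint-wide volume still flags it. The log layout, field names and thresholds are assumptions.

```python
import hashlib
from collections import Counter

# Constructed contact-form log: (epoch_s, source_ip, fill_seconds, message).
# fill_seconds = time between serving the form and receiving the POST (assumed
# to be recorded by the site, e.g. via a signed timestamp in a hidden field).
SUBMISSIONS = [
    (0,   "198.51.100.10", 41.0, "Hi, do you ship to Canada?"),
    (60,  "203.0.113.5",   1.2,  "Loved your handmade soap range. Our SEO team can lift your rankings."),
    (75,  "203.0.113.77",  0.9,  "Your candle shop deserves more traffic. We offer SEO packages."),
    (90,  "192.0.2.14",    1.1,  "Great pottery catalogue! Ask about our search ranking service."),
    (110, "192.0.2.200",   1.4,  "Nice bike repair blog. We can improve your Google visibility."),
    (400, "198.51.100.10", 35.0, "Following up on my shipping question."),
]

def per_ip_flags(subs, limit=2):
    """Classic IP rate limit: sources with more than `limit` submissions."""
    counts = Counter(ip for _, ip, _, _ in subs)
    return {ip for ip, n in counts.items() if n > limit}

def duplicate_flags(subs):
    """Classic content filter: indices whose normalised text was seen before."""
    seen, dupes = set(), []
    for i, (_, _, _, msg) in enumerate(subs):
        digest = hashlib.sha256(" ".join(msg.lower().split()).encode()).hexdigest()
        if digest in seen:
            dupes.append(i)
        seen.add(digest)
    return dupes

def anomaly_flags(subs, window=60, burst=4, min_fill=3.0):
    """Flag posts that are filled faster than a person types AND arrive while
    the endpoint as a whole (all sources combined) is unusually busy.
    Uses a window centred on each post, which suits batch log review."""
    times = [t for t, _, _, _ in subs]
    flagged = []
    for i, (t, _, fill, _) in enumerate(subs):
        nearby = sum(1 for u in times if abs(u - t) <= window)
        if fill < min_fill and nearby >= burst:
            flagged.append(i)
    return flagged

if __name__ == "__main__":
    print("per-IP rate limit:", per_ip_flags(SUBMISSIONS))
    print("duplicate text:   ", duplicate_flags(SUBMISSIONS))
    print("timing + burst:   ", anomaly_flags(SUBMISSIONS))
```

The thresholds here are placeholders; tune `window`, `burst` and `min_fill` against a site's own baseline of legitimate submissions before acting on the flags.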