AI in Spam Service: AkiraBot Attacks Over 80,000 Websites

11 April 2025 2 minutes Author: Newsman

AkiraBot, an AI tool written in Python, is known for its ability to send spam via contact forms and online chats. According to SentinelOne, it has attacked over 80,000 sites since September 2024, and has over 420,000 domains on its list of potential targets.

AkiraBot uses a large language model (including the OpenAI API) to generate unique messages based on the content of each site. This makes it much harder to filter, as message patterns are not repeated. Initially, the bot focused on Shopify sites, but over time its targets have expanded to include platforms such as GoDaddy, Wix, Squarespace, and other common contact forms.

Newer versions of AkiraBot even attack Live Chat widgets such as Reamaze. The bot is able to bypass popular CAPTCHA protections (hCaptcha, reCAPTCHA and Cloudflare CAPTCHA) by using fake browser fingerprints and emulating “regular user” traffic.

Thanks to the use of SmartProxy, the bot automatically changes IP addresses, which makes it difficult to detect attacks. In the archives from January 2025, researchers found a CSV file with over 80 thousand successful attempts and a TXT file with 11 thousand unsuccessful ones. In total, AkiraBot targets over 420,000 sites.

  • AkiraBot is a modular AI-based system that combines machine learning, network anonymization and CAPTCHA bypass technologies. Its main goal is the mass promotion of fraudulent SEO services or the redirection of users to phishing pages. Although such spam bots have existed for a long time, it is the integration of an LLM and CAPTCHA bypass that makes AkiraBot a new level of threat. Its open source code allows modules to be adapted to specific sites and environments.
  • AkiraBot demonstrates a new reality: artificial intelligence is used not only for useful purposes, but also as a tool for scalable digital spam. Small and medium businesses are becoming a prime target, which is why website owners need to strengthen CAPTCHA protection, update filters, and monitor feedback form activity. Otherwise, “smart” spammers will bypass everything and harm not only your image, but also your customers.