

Ethical Hacking News

AkiraBot: The AI-Powered Spamming Menace Targeting 400,000 Websites


AkiraBot, an AI-powered spamming bot, has been targeting over 400,000 websites across the globe, bypassing CAPTCHA protections and evading network-based detections. This malicious bot leverages OpenAI's large language models (LLMs) to generate custom outreach messages that can compromise website security.

  • AkiraBot is an AI-powered spamming bot targeting over 400,000 websites globally.
  • The bot uses OpenAI's large language models (LLMs) to generate custom outreach messages.
  • AkiraBot bypasses CAPTCHA protections and evades network-based detections with its sophisticated spam content.
  • The bot has targeted contact forms, chat widgets, and generic websites using Reamaze, GoDaddy, Wix, and Squarespace.
  • OpenAI's API is used to generate custom spam messages for targeted websites.
  • AkiraBot offers a proxy service to mimic legitimate end-user traffic, making detection difficult.



    The cybersecurity world has been dealt a significant blow with the emergence of AkiraBot, an artificial intelligence (AI) powered platform that has been targeting over 400,000 websites across the globe. This malicious bot, which leverages OpenAI's large language models (LLMs), has been successfully spamming website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO.

    According to a recent report shared with The Hacker News, SentinelOne researchers Alex Delamotte and Jim Walter have been tracking the activities of this bot, which has managed to bypass CAPTCHA protections and evade network-based detections. The researchers claim that AkiraBot has targeted more than 400,000 websites since September 2024, successfully spamming at least 80,000 websites in the process.

    The bot's ability to generate custom outreach messages based on the purpose of the website is a testament to the emerging challenges posed by AI-powered cybercrime tools. By leveraging OpenAI's LLMs, AkiraBot can create sophisticated and tailored spam content that can bypass even the most robust security measures. The researchers noted that the tool uses a Python-based framework to share the spam content generated with those models.

    AkiraBot has been known to target contact forms and chat widgets present in small to medium-sized business websites, with the framework sharing spam content generated using OpenAI's LLMs. What makes this bot stand apart is its ability to craft content that can bypass spam filters and evade network-based detections.

    The researchers also revealed that AkiraBot has been put to use since at least September 2024, starting off under the name "Shopbot" in what appears to be a reference to websites using Shopify. Over time, the bot's targeting footprint has expanded to include sites developed using GoDaddy, Wix, and Squarespace, as well as those that have generic contact forms and live chat widgets built using Reamaze.

    The crux of AkiraBot's operation is facilitated by leveraging the OpenAI API, which is used to generate custom spam messages for targeted websites. The researchers noted that AkiraBot creates custom spam messages for targeted websites by processing a template that contains a generic outline of the type of message the bot should send. This template is then processed by a prompt sent to the OpenAI chat API to generate a customized outreach message based on the contents of the website.

    AkiraBot's graphical user interface (GUI) allows users to choose the list of websites to be targeted and customize how many of them can be targeted in a concurrent fashion. The bot also offers a proxy service that is designed to mimic legitimate end-user traffic, making it difficult for security measures to detect the bot's activities.
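    A defender-side triage sketch for the behaviour described above, added here as an example and not taken from the SentinelOne report or from AkiraBot: because each message is rewritten per site and sent through rotating proxies, body hashes and source IPs do not cluster, but the promoted service names (Akira, ServicewrapGO, as named in this article) stay constant. The submission record layout, the `min_sources` threshold and the sample data are assumptions.

```python
import hashlib
import re
from collections import defaultdict

# Service names the article says the spam promotes; extend as a campaign evolves.
PROMOTED_NAMES = ("akira", "servicewrapgo")

def squash(text):
    """Lowercase and drop everything but letters/digits so 'Service-Wrap GO' still matches."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def find_campaigns(submissions, min_sources=3):
    """Group form submissions by promoted name and report names seen from many
    distinct IPs (per-site rewrites plus proxy rotation defeat body-hash and
    per-IP clustering, so the name is the pivot). min_sources is an assumed threshold."""
    by_name = defaultdict(lambda: {"ips": set(), "bodies": set(), "ids": []})
    for sub in submissions:
        flat = squash(sub["body"])
        for name in PROMOTED_NAMES:
            if name in flat:
                group = by_name[name]
                group["ips"].add(sub["ip"])
                group["bodies"].add(hashlib.sha256(sub["body"].encode()).hexdigest())
                group["ids"].append(sub["id"])
    return {
        name: {"ids": g["ids"], "distinct_ips": len(g["ips"]),
               "distinct_bodies": len(g["bodies"])}
        for name, g in by_name.items()
        if len(g["ips"]) >= min_sources
    }

# Constructed sample data: documentation IP ranges and invented message text.
SAMPLE = [
    {"id": 1, "ip": "192.0.2.10", "body": "Loved your bakery's menu page! Akira can lift its search ranking."},
    {"id": 2, "ip": "198.51.100.7", "body": "Your plumbing site deserves more traffic. Try AKIRA seo today."},
    {"id": 3, "ip": "203.0.113.44", "body": "Hi, as a yoga studio you'd benefit from A.k.i.r.a SEO plans."},
    {"id": 4, "ip": "192.0.2.99", "body": "Do you open on Sundays? I'd like to book a table for six."},
    {"id": 5, "ip": "198.51.100.23", "body": "Service wrap GO boosts dental clinics like yours."},
]

if __name__ == "__main__":
    for name, info in find_campaigns(SAMPLE).items():
        print(name, info)
```

    Substring matching on squashed text can also hit legitimate messages that happen to contain a promoted name, so the output is a review queue rather than a block list.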

    The researchers noted that AkiraBot logs its activities in a file named "submissions.csv" that records both successful and failed spam attempts. An examination of these files has revealed that more than 420,000 unique domains have been targeted to date. Furthermore, success metrics related to CAPTCHA bypass and proxy rotation are collected and posted to a Telegram channel via API.

    In response to the findings, OpenAI has disabled the API key and other associated assets used by the threat actors. The discovery of AkiraBot serves as a stark reminder of the emerging challenges posed by AI-powered cybercrime tools and highlights the need for robust security measures to protect against such threats.

    The development coincides with the emergence of another cybercrime tool referred to as Xanthorox AI, which is marketed as an all-in-one chatbot to handle code generation, malware development, vulnerability exploitation, and data analysis. The platform also supports voice-based interaction via real-time voice calls and asynchronous voice messaging.

    "Xanthorox AI is powered by five distinct models, each optimized for different operational tasks," SlashNext said. "These models run entirely on local servers controlled by the seller, rather than being deployed over public cloud infrastructure or through exposed APIs. This local-first approach drastically reduces the chances of detection, shutdown, or traceability."

    The rise of AI-powered cybercrime tools such as AkiraBot and Xanthorox AI poses a significant threat to website security and highlights the need for robust security measures to protect against such threats.

    In conclusion, AkiraBot is an AI-powered spamming bot that has been targeting over 400,000 websites across the globe. The bot leverages OpenAI's large language models (LLMs) to generate custom outreach messages that can bypass CAPTCHA protections and evade network-based detections. The discovery of this bot serves as a stark reminder of the emerging challenges posed by AI-powered cybercrime tools and highlights the need for robust security measures to protect against such threats.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/AkiraBot-The-AI-Powered-Spamming-Menace-Targeting-400000-Websites-ehn.shtml

  • https://thehackernews.com/2025/04/akirabot-targets-420000-sites-with.html

  • https://www.sentinelone.com/labs/akirabot-ai-powered-bot-bypasses-captchas-spams-websites-at-scale/


  • Published: Thu Apr 10 04:18:41 2025 by llama3.2 3B Q4_K_M












