CyberSecurity news
FlagThis
Alex Delamotte@sentinelone.com
//
AkiraBot, an AI-powered botnet, has been identified as the source of a widespread spam campaign targeting over 80,000 websites since September 2024. This sophisticated framework leverages OpenAI's API to generate custom outreach messages tailored to the content of each targeted website, effectively promoting dubious SEO services. Unlike typical spam tools, AkiraBot employs advanced CAPTCHA bypass mechanisms and network detection evasion techniques, posing a significant challenge to website security. It achieves this by rotating attacker-controlled domain names and using AI-generated content, making it difficult for traditional spam filters to identify and block the messages.
AkiraBot operates by targeting contact forms and chat widgets embedded on small to medium-sized business websites. The framework is modular and specifically designed to evade CAPTCHA filters and avoid network detections. To bypass CAPTCHAs, AkiraBot mimics legitimate user behavior, and uses services like Capsolver, FastCaptcha, and NextCaptcha. It also relies on proxy services like SmartProxy, typically used by advertisers, to rotate IP addresses and maintain geographic anonymity, preventing rate-limiting and system-wide blocks.
The use of OpenAI's language models, specifically GPT-4o-mini, allows AkiraBot to create unique and personalized spam messages for each targeted site. By scraping site content, the bot generates messages that appear authentic, increasing engagement and evading traditional spam filters. While OpenAI has since revoked the spammers' account, the four months the activity went unnoticed highlight the reactive nature of enforcement and the emerging challenges AI poses to defending websites against spam attacks. This sophisticated approach marks a significant evolution in spam tactics, as the individualized nature of AI-generated content complicates detection and blocking measures.
ImgSrc: www.sentinelone
References :
AkiraBot operates by targeting contact forms and chat widgets embedded on small to medium-sized business websites. The framework is modular and specifically designed to evade CAPTCHA filters and avoid network detections. To bypass CAPTCHAs, AkiraBot mimics legitimate user behavior, and uses services like Capsolver, FastCaptcha, and NextCaptcha. It also relies on proxy services like SmartProxy, typically used by advertisers, to rotate IP addresses and maintain geographic anonymity, preventing rate-limiting and system-wide blocks.
The use of OpenAI's language models, specifically GPT-4o-mini, allows AkiraBot to create unique and personalized spam messages for each targeted site. By scraping site content, the bot generates messages that appear authentic, increasing engagement and evading traditional spam filters. While OpenAI has since revoked the spammers' account, the four months the activity went unnoticed highlight the reactive nature of enforcement and the emerging challenges AI poses to defending websites against spam attacks. This sophisticated approach marks a significant evolution in spam tactics, as the individualized nature of AI-generated content complicates detection and blocking measures.
ImgSrc: www.sentinelone
Share:
References :
- cyberinsider.com: AI-Powered AkiraBot Operation Bypasses CAPTCHAs on 80,000 Sites
- hackread.com: New AkiraBot Abuses OpenAI API to Spam Website Contact Forms
- www.sentinelone.com: AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
- The Hacker News: Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO.
- Cyber Security News: AkiraBot’s CAPTCHA‑Cracking, Network‑Dodging Spam Barrage Hits 80,000 Websites
- securityaffairs.com: AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites
- gbhackers.com: AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses
- cyberpress.org: AkiraBot’s CAPTCHA‑Cracking, Network‑Dodging Spam Barrage Hits 80,000 Websites
- gbhackers.com: AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses
- www.scworld.com: Sweeping SMB site targeting conducted by novel AkiraBot spamming tool
- 404 Media: Scammers Used OpenAI to Flood the Web with SEO Spam
- CyberInsider: AI-Powered AkiraBot Operation Bypasses CAPTCHAs on 80,000 Sites
- hackread.com: New AkiraBot Abuses OpenAI API to Spam Website Contact Forms, 400,000 Impacted
- bsky.app: Scammers used OpenAI as part of a bot that flooded the web with SEO spam. Also bypassed CAPTCHA https://www.404media.co/scammers-used-openai-to-flood-the-web-with-seo-spam/
- Security Risk Advisors: SentinelOne's analysis of AkiraBot's capabilities and techniques.
- www.sentinelone.com: SentinelOne blog post about AkiraBot spamming chats and forms with AI pitches.
- arstechnica.com: OpenAI’s GPT helps spammers send blast of 80,000 messages that bypassed filters
- Ars OpenForum: OpenAI’s GPT helps spammers send blast of 80,000 messages that bypassed filters
- Digital Information World: New AkiraBot Targets Hundreds of Thousands of Websites with OpenAI-Based Spam
- TechSpot: Sophisticated bot uses OpenAI to bypass filters, flooding over 80,000 websites with spam
- futurism.com: OpenAI Is Taking Spammers' Money to Pollute the Internet at Unprecedented Scale
- PCMag Middle East ai: Scammers Use OpenAI API to Flood 80,000 Websites With Spam
- www.sentinelone.com: Police arrest SmokeLoader malware customers, AkiraBot abuses AI to bypass CAPTCHAs, and Gamaredon delivers GammaSteel via infected drives.
- securityonline.info: AkiraBot: AI-Powered Spam Bot Floods Websites with Personalized Messages
- PCMag UK security: Scammers Use OpenAI API to Flood 80,000 Websites With Spam
- www.pcmag.com: PCMag article about the use of GPT-4o-mini in the AkiraBot spam campaign.
- Virus Bulletin: SentinelLABS researchers look into AkiraBot, a framework used to spam website chats and contact forms en masse to promote a low-quality SEO service. The bot uses OpenAI to generate custom outreach messages & employs multiple CAPTCHA bypass mechanisms.
- Daily CyberSecurity: Spammers are constantly adapting their tactics to exploit new digital communication channels.