Security researchers have uncovered a major new spam campaign that has targeted over 400,000 websites to date with outreach messages crafted with help from an OpenAI large language model (LLM).
SentinelLabs dubbed the spam framework “AkiraBot” as its messages seek to promote a suspicious SEO service called “Akira” and another operating under the name “ServiceWrap.”
It specifically targets small and medium-sized enterprise (SME) websites hosted on Shopify, GoDaddy, Wix and Squarespace, and has already managed to leave spam content on 80,000 of them since September 2024, the report claimed.
“The use of LLM-generated content likely helps these messages bypass spam filters, as the spam content is different each time a message is generated. The framework also rotates which attacker-controlled domain is supplied in the messages, further complicating spam filtering efforts,” SentinelLabs explained.
“The bot creator has invested significant effort into evading CAPTCHA filters as well as avoiding network detections by relying on a proxy service generally marketed towards advertisers – though the service has had considerable interest and use by cybercriminal actors.”
AkiraBot originally spammed website contact forms with content promoting the above SEO services, although newer versions target the live chat widgets integrated into websites, as well as comments sections, the report explained.
Various versions of the bot have emerged since last September, but all apparently use one of two hardcoded OpenAI API keys.
AkiraBot has been observed using CAPTCHA bypass services Capsolver, FastCaptcha and NextCaptcha, and multiple proxy hosts to evade network detection.
The bot logs its progress, which is how SentinelLabs was able to see that, as of January 2025, it had succeeded in spamming 80,000 websites.
“AkiraBot’s use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks,” the report concluded.
“The easiest indicators to block are the rotating set of domains used to sell the Akira and ServiceWrap SEO offerings, as there is no longer a consistent approach in the spam message contents as there were with previous campaigns selling the services of these firms.”
SentinelLabs senior threat researcher, Jim Walter, also encouraged website owners to avoid relying on CAPTCHA to filter spam, and instead “incorporate more complex, interaction-heavy challenges in their sites to inhibit these types of campaigns.”
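The domain-based blocking the report recommends can be sketched as a server-side check on form, chat and comment submissions. This is an added example, not code from SentinelLabs or the article; the blocklist entries and sample submissions are constructed placeholders, and real entries would come from the published indicators.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholder blocklist (assumption); populate from published indicators.
BLOCKED_DOMAINS = {"akira-seo.example", "servicewrap-offer.example"}

# Matches explicit URLs and bare hostnames such as "www.site.example/path".
_CANDIDATE = re.compile(
    r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/?#][^\s<>\"']*)?", re.I)

def extract_hosts(text):
    """Return the set of lowercase hostnames referenced in free text."""
    hosts = set()
    for match in _CANDIDATE.finditer(text):
        token = match.group(0)
        if "://" not in token:
            token = "http://" + token  # let urlsplit parse bare hostnames
        host = urlsplit(token).hostname
        if host:
            hosts.add(host.rstrip(".").lower())
    return hosts

def is_blocked(host, blocked=BLOCKED_DOMAINS):
    """True if host is a blocked domain or a subdomain of one.

    Matching is done on label boundaries, so "notakira-seo.example"
    does not match "akira-seo.example".
    """
    labels = host.split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

def screen_submission(fields):
    """Return the sorted blocked hosts found across all submitted fields."""
    hits = set()
    for value in fields.values():
        hits |= {h for h in extract_hosts(value) if is_blocked(h)}
    return sorted(hits)

# Constructed submissions: the wording differs each time, the domains do not.
SAMPLES = [
    {"name": "Sam", "message": "Loved your bakery page! Boost rankings at "
                               "https://Go.Akira-SEO.example/plans?ref=1"},
    {"name": "Lee", "message": "Your plumbing site deserves more traffic, "
                               "see www.servicewrap-offer.example today."},
    {"name": "Ana", "message": "Do you ship to Canada? My shop is at "
                               "https://notakira-seo.example/"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["name"], screen_submission(sample))
```

Because the campaign rotates its domains, a check like this is only as current as the blocklist feeding it.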