Description: SentinelLabs reported that unknown operators used AkiraBot, a Python framework, plus OpenAI's chat API to generate customized SEO spam and bypass CAPTCHAs, posting via SMB websites' contact forms and Reamaze-style chat widgets. Researchers assessed >400k domains were targeted and ≥80k successfully spammed since 09/01/2024. OpenAI said the API key was disabled after disclosure.
Editor Notes: Timeline notes: (1) 09/01/2024: Earliest known reported AkiraBot activity (incident ID date); (2) 04/09/2025: SentinelLabs publishes report; (3) 02/08/2026: Incident ID created.
Entities
View all entitiesAlleged: Unknown AkiraBot developers and OpenAI developed an AI system deployed by Unknown malicious actors and Unknown AkiraBot operators, which harmed Wix sites , Victims of AkiraBot , SquareSpace sites , Small business owners , Shopify sites , Medium-sized business owners , GoDaddy sites , Customers , Business website users and Business owners.
Alleged implicated AI systems: Telegram , SmartProxy , Selenium WebDriver , reCAPTCHA , OpenAI Chat Completions API , NextCaptcha , headless Chrome , hCAPTCHA , FastCaptcha , CAPTCHA , Capsolver , BeautifulSoup and AkiraBot
Incident Stats
Incident ID
1365
Report Count
1
Incident Date
2024-09-01
Editors
Daniel Atherton
Incident Reports
Reports Timeline
Loading...
Executive Summary
- AkiraBot is a framework used to spam website chats and contact forms en masse to promote a low-quality SEO service.
- SentinelLABS assesses that AkiraBot has targeted more than 400,000 websites and successfully spammed at l…
Variants
A "variant" is an AI incident similar to a known case—it has the same causes, harms, and AI system. Instead of listing it separately, we group it under the first reported incident. Unlike other incidents, variants do not need to have been reported outside the AIID. Learn more from the research paper.
Seen something similar?
Similar Incidents
Did our AI mess up? Flag the unrelated incidents
Similar Incidents
Did our AI mess up? Flag the unrelated incidents