Incident 1365: AkiraBot Reportedly Used OpenAI to Spam Website Chats and Contact Forms at Scale

Description: SentinelLabs reported that unknown operators used AkiraBot, a Python framework, plus OpenAI's chat API to generate customized SEO spam and bypass CAPTCHAs, posting via SMB websites' contact forms and Reamaze-style chat widgets. Researchers assessed >400k domains were targeted and ≥80k successfully spammed since 09/01/2024. OpenAI said the API key was disabled after disclosure.
Editor Notes: Timeline notes: (1) 09/01/2024: Earliest known reported AkiraBot activity (incident ID date); (2) 04/09/2025: SentinelLabs publishes report; (3) 02/08/2026: Incident ID created.

Tools

New ReportNew ReportNew ResponseNew ResponseDiscoverDiscoverView HistoryView History

Incident Stats

Incident ID
1365
Report Count
4
Incident Date
2024-09-01
Editors
Daniel Atherton

Incident Reports

Reports Timeline

Incident Occurrence+3
AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
Loading...
AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
sentinelone.com · 2025

Executive Summary

  • AkiraBot is a framework used to spam website chats and contact forms en masse to promote a low-quality SEO service.
  • SentinelLABS assesses that AkiraBot has targeted more than 400,000 websites and successfully spammed at l…
Loading...
AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections
thehackernews.com · 2025

Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) …

Loading...
‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages
securityweek.com · 2025

A newly identified Python framework spamming the contact forms and chat widgets on the websites of small and medium-sized businesses has made over 80,000 victims over the past half a year, SentinelOne reports.

Dubbed AkiraBot due to its use…

Loading...
Scammers Use OpenAI API to Flood 80,000 Websites With Spam
pcmag.com · 2025

An AI spambot used OpenAI's GPT-4o-mini to flood websites with spam comments.

According to cybersecurity firm SentinelOne, AkiraBot successfully targeted at least 80,000 websites, mainly operated by small to medium-sized businesses using e-…

Variants

A "variant" is an AI incident similar to a known case—it has the same causes, harms, and AI system. Instead of listing it separately, we group it under the first reported incident. Unlike other incidents, variants do not need to have been reported outside the AIID. Learn more from the research paper.
Seen something similar?

Similar Incidents

By textual similarity

Did our AI mess up? Flag the unrelated incidents

Loading...
OpenAI’s GPT-3 Reported as Unviable in Medical Tasks by Healthcare Firm

OpenAI’s GPT-3 Reported as Unviable in Medical Tasks by Healthcare Firm

· 1 report
Loading...
DALL-E 2 Reported for Gender and Racially Biased Outputs

DALL-E 2 Reported for Gender and Racially Biased Outputs

· 3 reports
Loading...
GitHub Copilot, Copyright Infringement and Open Source Licensing

GitHub Copilot, Copyright Infringement and Open Source Licensing

· 5 reports
Previous IncidentNext Incident