Whenever a new form of digital communication becomes prevalent, actors inevitably adopt it to send spam and try to profit from unsuspecting users. Email has been the perennial choice for spam delivery, but the prevalence of new communications platforms has expanded the spam attack surface considerably.
This report explores AkiraBot, a Python framework that targets contact forms and chat widgets on small to medium-sized business websites. AkiraBot is designed to post AI-generated spam messages tailored to the targeted website’s content, which promotes services for a dubious Search Engine Optimization (SEO) network. The use of LLM-generated content likely helps these messages bypass spam filters, as the spam content is different each time a message is generated. The framework also rotates which attacker-controlled domain is supplied in the messages, further complicating spam filtering efforts.
The bot creator has invested significant effort in evading CAPTCHA filters and avoiding network detections by using a proxy service typically marketed to advertisers. However, the service has also attracted considerable interest and use from cybercriminal actors.
AkiraBot is not related to the ransomware group Akira; this name was chosen because the bot consistently uses domains with “Akira” as the SEO service brand.
Script Execution and Website Feature Targeting - SentinelLABS identified several archives containing scripts related to this framework with file timestamps dating back to September 2024. The oldest archive refers to the bot as Shopbot, likely a reference to its targeting of websites using Shopify. As the tool evolved, the targeting expanded to include websites built using GoDaddy and Wix, as well as generic website contact forms, which include websites built using Squarespace, and likely other technologies. These technologies are primarily used by small to medium-sized businesses for their ease in enabling website development with integrations for e-commerce, website content management, and business service offerings.
There are many versions of this tool, with file timestamps in the archives indicating activity from September 2024 to the present. Each version uses one of two hardcoded OpenAI API keys and the same proxy credentials and test sites, which links the archives despite the disparate naming conventions. Analysts identified AkiraBot-related archives that had the following root directory names:
• bubble_working_clone
• fingerprints-server
• GoDaddy
• NextCaptcha and FastCaptcha
• NextCaptchaBot-v6
• override
• petar_bot
• shopbotpyv2
• SHOPIFY_SYSTEM_UPDATED
• updatedpybot
• wix
• wixbot
• WORKING_FOLDER
Additionally, logs from the tool reveal that the operator ran it from the following paths, suggesting that they are most likely using Windows Server systems based on the Administrator username being the most prevalent:
C:/Users/Administrator/Desktop/
C:/Users/Administrator/Downloads/
C:/Users/Usuario/Desktop/ - only appears in the archive named GoDaddy
Originally, AkiraBot spammed website contact forms, enticing the site owner to purchase SEO services. Newer versions of AkiraBot have also targeted the Live Chat widgets integrated into many websites, including Reamaze widgets.
_submit_old_website function in v14.py
The bot has a GUI that displays success metrics and allows the operator to choose a target list to run against.
The GUI lets the operator customize how many threads are running at once, a feature the bot uses to target many sites concurrently.
AkiraBot GUI
Spam Message Generation - Searching for websites that reference AkiraBot domains reveals that the bot previously spammed websites in a way that caused the message to be indexed by search engines.
Google search results containing useakira[.]com
Spam comment on website from 2023 and content from the AkiraBot templates.txt file
AkiraBot creates custom spam messages for targeted websites by processing a template that contains a generic outline of the type of message the bot should send.
Spam message template
The template is processed by a prompt sent to the OpenAI chat API to generate a customized outreach message based on the website's content.
The OpenAI client uses model gpt-4o-mini and is assigned the role “You are a helpful assistant that generates marketing messages.” The prompt instructs the LLM to replace the variables <WEBSITE_NAME> and <KEYWORD> with the site name provided at runtime.
AI Chat prompt from v10.py
The <KEYWORD> is generated by processing the {context} variable, which contains text scraped from the targeted website via BeautifulSoup, a library that transforms raw HTML code into human–or LLM–readable text.
AkiraBot’s generate_message function
The resulting message includes a brief description of the targeted website, making the message seem curated. The benefit of generating each message using an LLM is that the message content is unique, making it more difficult to filter against spam compared to using a consistent message template, which can be easily filtered.
Logged AI-generated outreach messages in submissions.csv
CAPTCHA Bypass & Network Evasion Techniques/CAPTCHA Bypass - AkiraBot puts significant emphasis on evading CAPTCHAs so that it can spam websites at scale. The targeted CAPTCHA services include hCAPTCHA and reCAPTCHA, including Cloudflare’s hCAPTCHA service in certain versions of the tool. Analysts identified an archive containing files for CAPTCHA-related servers and browser fingerprints, which enable the bot’s web traffic to mimic that of a legitimate end user. The archives contain a fingerprint server that runs on the same system as the other AkiraBot tools, intercepting website loading processes using Selenium WebDriver. This automation framework simulates user browsing activity.
The inject.js script injects code into the targeted website’s Document Object Model (DOM), enabling the tool to modify how the website loads in real-time and change its behaviors. Inject.js manipulates values in the session using a headless Chrome instance, which makes the session appear like an end user’s browser to the web server. The script modifies multiple browser attributes that web servers use to identify the nature of the browser viewing the website, including:
• Audio Context and Voice engines, which are used to profile whether a session is headless or a real browser• Graphics rendering, including canvas and WebGL attributes
• Installed fonts
• Navigator objects, which provide a wealth of profiling information, such as browser type, operating system & architecture, geolocation, hardware details, languages installed, and browser privacy settings
• System memory, storage, and CPU profile
• Timezone
The bot uses several CAPTCHA bypassing services, including Capsolver, FastCaptcha, and NextCaptcha, which serve as failover services when browser emulation is insufficient for interacting with the targeted website.
FastCaptcha token generator function in v10.py
AkiraBot also runs a headless Chrome instance to periodically refresh values for Reamaze tokens. Reamaze provides websites with customer support chat integrations, making this another targeted feature. The service also offers spam filters for chats on its platform, indicating that this is a known vector for spam attacks.
Reamaze token handling function
Network Evasion Techniques - AkiraBot uses multiple proxy hosts to evade network detection and diversify the source of its traffic. In each archive SentinelLABS analyzed, AkiraBot used the SmartProxy service. SmartProxy’s website claims that its proxies are ethically sourced and that they provide data center, mobile, and residential proxies. Each version of the bot uses the same proxy credentials, suggesting the same actor is behind each iteration.
get_random_proxy function in The_NextCaptcha_Bot.py
While SmartProxy is a service that seems to operate within legal boundaries, it is worth noting that it has regularly had the attention of cybercriminals. The BlackBasta ransomware leaks referenced an exchange of SmartProxy credentials, for example.
SmartProxy credentials from BlackBasta leaks
Logging & Success - AkiraBot logs its spam progress to submissions.csv, which sometimes includes the AI-generated spam message contents as well. The submissions.csv file from the January 2025 archives shows more than 80,000 unique domains that were successfully spammed. The script also logs failed attempts in failed.txt and failed_old.txt. The January 2025 archives showed that only 11,000 domains had failed, including previous runs of the tool. Sentinel analyzed all submissions.csv files; deduplicating the results revealed that more than 420,000 unique domains were targeted in total.
Two versions of AkiraBot used a Telegram bot for logging success metrics. The scripts monitor.py and monitor_random.py would collect success metrics from the bot and post them to a Telegram channel via API.
Telegram sending functionality in monitor.py
Telegram Detail - The Telegram functionality, contained in the monitor.py and monitor_random.py scripts, is tied to proxy rotation and CAPTCHA defeat features in the bundled JavaScript file, script.js. The monitor.py script uses pyautogui to paste the contents of script.js into a browser developer console by pressing CTRL+SHIFT+J, followed by the paste command, and then executing the JavaScript within the browser console.
pyautogui actions in monitor.py
The pasted and executed JavaScript is then responsible for attempting CAPTCHA refreshes and defeats on targeted URLs, reporting the status to a JSON file named stats.json. If a proxy rotation is required to aid in defeating CAPTCHA attempts on a given URL, the monitor.py script also handles this, rotating the used proxy through the iproxyonline service (fxdx[.]in). Proxy rotation is generally enabled to avoid geographic or IP-based restrictions when repeatedly attempting to refresh and defeat CAPTCHAs. The Telegram status updates specifically report on proxy rotations and CAPTCHA submissions. Some versions of these scripts have the proxy rotation section commented out, indicating that it is an optional feature.
Telegram message submission + proxy rotation status in monitor.py
All the analyzed monitor.py and monitor_random.py scripts contain the same Telegram token and chat ID combination.
Telegram bot data in monitor.py
This Telegram chat_id is associated with the following Telegram user data:
• (bot) username: htscasdasdadwoobot
• Firstname: Shadow / hts
• LastName: a_zarkawi
HTS Telegram bot referenced in monitor.py scripts
Infrastructure - The spam messages frequently rotate the domain used, likely to avoid detection. The oldest domain in use is akirateam[.]com, which was registered in January 2022 on a German-based IP address, 91.195.240[.]94, and remained unchanged until March 2023. The second-oldest domain is goservicewrap.com, which was registered in April 2024 and resolved to 86.38.202.110, a Hostinger IP address in Cyprus.
Several AkiraBot domains have interesting connections through historical DNS activity. The subdomain mail.servicewrap-go[.]com briefly shared a CNAME record pointing to 77980.bodis[.]com, which is associated with various malicious activities, including a 2023 malvertising campaign. This domain also received communications from several Windows executable files that were detected as various banking trojans.
An odd relationship stood out in anchor links referencing 77980.bodis[.]com: the website unj[.]digital contained anchor links from December 2024 through February 2025 pointing to 77980.bodis[.]com. UNJ Digital’s website describes itself as a digital marketing and software development firm. The subdomain smtp.unj. digital also has a CNAME record pointing to 77980.bodis.com, fortifying a connection between these hosts. While the website now highlights offering digital content services, as of late 2024, the site showed a focus on increasing marketing revenue.
Screenshot of content on unj[.]digital circa October 2024
Screenshot of content on unj[.]digital circa March 2025
Akira and ServiceWrap SEO - AkiraBot uses two distinct themes in its SEO offerings: Akira and ServiceWrap. Reviews for both services on
TrustPilot is similar: it has many 5-star reviews with similar, potentially AI-generated content, and the occasional 1-star review complaining that the site is either a scam or has spammed the reviewer.
The 5-star reviews tend to follow a pattern where the reviewer has one previous review that was made 1-5 days before the Akira or ServiceWrap review. The review themes are very similar across these 5-star reviews, though the contents and structure are always unique. Analysts believe the actor may be generating some fake reviews, though it is difficult to say with certainty.
Trustpilot review for servicewrapgo[.]com
Trustpilot review for useakira[.]com
Trustpilot review for useakira[.]com
Conclusion - AkiraBot is a sprawling framework that has undergone multiple iterations to integrate new spamming target technologies and evade website defenses. Sentinel expects this campaign to continue to evolve as website hosting providers adapt defenses to deter spam. The author or authors have invested significant effort in making this bot bypass commonly used CAPTCHA technologies, which demonstrates that the operators are motivated to circumvent service provider protections.
AkiraBot’s use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks. The easiest indicators to block are the rotating sets of domains used to sell the Akira and ServiceWrap SEO offerings, as there is no longer a consistent approach in the spam message contents, as there was with previous campaigns selling the services of these firms.
SentinelLABS thanks the OpenAI security team for their collaboration and continued efforts in deterring bad actors from abusing their services. The OpenAI team shared the following response following their investigation: “We’re grateful to SentinelOne for sharing their research. Distributing output from our services for spam is against our policies.
The API key involved is disabled, and we are continuing to investigate. We will also disable any associated assets. We take misuse seriously and are continually improving our systems to detect abuse.”
Indicators of Compromise
Akira & ServiceWrap Domains
akirateam[.]com
beservicewrap[.]pro
firstpageprofs[.]com
getkira[.]info
go-servicewrap[.]com
gogoservicewrap[.]com
goservicewrap[.]com
joinnowkira[.]org
joinnowservicewraps[.]pro
joinservicewrap[.]com
joinuseakira[.]com
kiraone[.]info
letsgetcustomers[.]com
loveservice-wrap[.]com
mybkira[.]info
onlyforyoursite[.]com
searchengineboosters[.]com
service-wrap[.]com
servicewrap-go[.]com
servicewrap[.]pro
servicewrapgo[.]com
servicewrapone[.]com
theakirateam[.]com
toakira[.]pro
topservice-wrap[.]pro
topservicewrap[.]com
usekiara[.]com
useproakira[.]com
usethatakira[.]com
wantkiara[.]info
wearetherealpros[.]com
wejoinkir[.]vip
wethekira[.]shop
wetheservicewrap[.]pro
AkiraBot Tool Archive SHA-1
09ec44b6d3555a0397142b4308825483b479bf5a
0de065d58b367ffb28ce53bc1dc023f95a6d0b89
13de9fcd4e7c36d32594924975b7ef2b91614556
2322964ea57312747ae9d1e918811201a0c86e9c
253684ea43cb0456a6fec5728e1091ff8fcb27cf
36b4e424ce8082d7606bb9f677f97c0f594f254d
3a443c72995254400da30fe203f3fbf287629969
3a7cc815b921166006f31c1065dadfeb8d5190e6
4d24dd5c166fa471554ed781180e353e6b9642b7
51ec20e5356bbebd43c03faae56fca4c3bbe318e
55affc664472c4657c8534e0508636394eac8828
5620b527dfc71e2ee7efb2e22a0441b60fd67b84
5fde3180373c420cfa5cfdea7f227a1e1fe6936c
62e66bae4b892593009d5261d898356b6d0be3ef
6b65c296d9e1cda5af2f7dab94ce8e163b2a4ca8
6c56b986893dd1de83151510f4b6260613c5fbb9
6f342ff77cd43921210d144a403b8abb1e541a8b
7129194c63ae262c814da8045879aed7a037f196
71464c4f145c9a43ade999d385a9260aabcbf66d
730192b0f62e37d4d57bae9ff14ec8671fbf051e
769aa6ab69154ca87ccba0535e0180a985c21a0c
76aab3ab0f3f16cf30d7913ff767f67a116ff1e7
853fde052316be7887474996538b31f6ac0c3963
9d43494c6f87414c67533cce5ec86754311631fc
9f6ed2427e959e92eb1699024f457d87fa7b5279
aa72065673dc543e6bf627c7479bfe8a5e42a9c4
aac26242f4209bc59c82c8f223fcf2f152ce44bc
b643a1f2c4eb436db26763d5e2527f6bebe8bcbf
bbd754e36aee4702b9f20b90d509248945add4ea
cb194612ed003eaf8d8cf6ed3731f21f3edeb161
cc63ee921c29f47612096c34d6ee3ef244b33db2
e12c6911997d7c2af5550b7e989f1dc57b6733b8
eae675812c4274502051d6f2d36348f77a8464a0
f1c7c5d0870fd0abb7e419f2c2ba8df42fa74667
f2e71c9cbc4a18482a11ca3f54f2c958973360b4
fb7fdcc2fe11e95065a0ce9041348984427ca0f4
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.sentinelone.com/labs/akirabot-ai-powered-bot-bypasses-captchas-spams-websites-at-scale/
© 2025 Red Sky Alliance Corporation. All rights reserved.
Comments