ATHR Platform Enables Automated Vishing Attacks Using AI Agents

Severity: High (Score: 66.5)

Sources: abnormal.ai, Bleepingcomputer

Summary

The ATHR cybercrime platform has emerged as a sophisticated tool for executing telephone-oriented attack delivery (TOAD) attacks, utilizing both AI vishing agents and human operators to harvest credentials. Priced at $4,000 plus a 10% commission on profits, ATHR automates the entire phishing process, from sending deceptive emails to conducting voice-based social engineering. Victims receive emails designed to bypass security checks, often appearing as urgent security alerts, prompting them to call a provided number. Once connected, the AI agents guide victims through a fake recovery process to extract sensitive information, such as verification codes. ATHR supports multiple online services, including Google, Microsoft, and Coinbase, making it a versatile threat. The platform's integration of various attack stages reduces the need for technical expertise, allowing less skilled attackers to launch automated vishing campaigns. Current monitoring shows high utilization rates, indicating a significant operational capacity. Researchers warn that this development represents a shift towards more accessible and automated cybercrime tools. Key Points: • ATHR automates TOAD attacks, combining email phishing and voice social engineering. • The platform is sold for $4,000 plus a 10% profit share, making it accessible to less skilled attackers. • ATHR can impersonate multiple services, increasing its potential impact on victims.

Key Entities

• Phishing (attack_type)
• TOAD (campaign)
• crypto.com (domain)
• T1566 - Phishing (mitre_attack)
• ATHR (platform)
• Asterisk (platform)
• WebRTC (platform)
• ATHR TTS (tool)
• NFA Mailer (tool)