ATHR Platform Enables Scalable AI-Driven Vishing Attacks

Severity: High (Score: 66.5)

Sources: Bleepingcomputer, Cybersecuritynews, Gbhackers, abnormal.ai

Summary

The ATHR cybercrime platform has emerged as a significant tool for executing automated voice phishing (vishing) attacks, utilizing AI agents and human operators to harvest credentials. Advertised on underground forums for $4,000 plus a 10% commission on profits, ATHR automates the entire telephone-oriented attack delivery (TOAD) process. Attackers send benign-looking emails containing only a phone number, prompting victims to call. Once connected, the AI agents guide victims through a scripted process designed to extract sensitive information, such as verification codes. The platform supports credential theft from multiple services, including Google, Microsoft, and Coinbase. ATHR's integration of various attack components allows even less technical criminals to conduct sophisticated phishing operations. Researchers have noted that ATHR's capabilities significantly reduce the manual effort required for such attacks. The platform's dashboard provides real-time monitoring and control over operations, enhancing its effectiveness. Key Points: • ATHR automates vishing attacks using AI agents and human operators. • The platform is sold for $4,000 plus a 10% profit share on underground forums. • ATHR enables attackers to bypass traditional email security with simple lure emails.

Key Entities

• Phishing (attack_type)
• TOAD (campaign)
• crypto.com (domain)
• T1566 - Phishing (mitre_attack)
• ATHR (platform)
• Asterisk (platform)
• WebRTC (platform)
• ATHR TTS (tool)
• NFA Mailer (tool)