A new cybercrime-as-a-service platform called ATHR automates voice phishing (vishing) attacks end-to-end using AI voice agents and human operators. Sold on underground forums for $4,000 plus a 10% commission, it targets accounts at Google, Microsoft, Coinbase, Binance, and others. The platform handles every stage of a telephone-oriented attack delivery (TOAD): crafting brand-specific lure emails that pass authentication checks, routing victims through Asterisk/WebRTC to AI voice agents, and harvesting credentials such as six-digit verification codes. ATHR's dashboard gives operators real-time control and logs of stolen data. Researchers at Abnormal warn this productized approach lowers the barrier for less technical attackers and will make vishing attacks more frequent and harder to detect. Detection is possible by modeling normal communication behavior and flagging anomalous patterns like bulk phone-number-containing emails sent to an organization in a short window.
Sort: