Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

ATHR productized automated vishing platform for credential theft

Threat Actor Meta
First reported
Last updated
Happening score
H score 41
1 unique sources, 1 articles

Summary

Hide ▲

ATHR is turning automated vishing into a productized underground service, lowering the barrier for credential theft across Google, Microsoft, Coinbase, and other major accounts. The platform combines email lures, AI voice agents, and operator dashboards to streamline TOAD attacks from start to finish. Its marketplace pricing and built-in automation point to a broader shift toward more scalable, harder-to-detect credential theft services.

Related Happenings

Perplexity Comet prompt-injection research shows agentic browsers can be trained into phishing traps

Technical Analysis
First: 11.03.2026 18:38 Last: 11.03.2026 18:38 Sources 1

About this happening: **Perplexity's Comet AI browser** is the focus of a **technical analysis** thread showing how **prompt injection** and **malicious URLs** can steer an agentic browser into **data...

Open Happening

BlackForce, GhostFrame, InboxPrime AI, and Spiderman phishing kits scaling credential theft

Malware Activity
First: 12.12.2025 16:04 Last: 12.12.2025 16:04 Sources 1

About this happening: **BlackForce**, **GhostFrame**, **InboxPrime AI**, and **Spiderman** are newly documented phishing kits that expand **credential theft at scale** and make it easier to bypass **MF...

Open Happening

Eternidade Stealer WhatsApp propagation campaign

Campaign
First: 19.11.2025 17:00 Last: 19.11.2025 17:00 Sources 1

About this happening: **Eternidade Stealer** is a **WhatsApp-propagating banking Trojan** targeting users in **Brazil**. The campaign combines **social engineering** with a **WhatsApp hijacking worm**...

Open Happening

WhatsApp Web automation extension spam campaign targeting Brazilian users

Campaign
First: 20.10.2025 13:47 Last: 20.10.2025 13:47 Sources 1

About this happening: A **coordinated WhatsApp spam campaign** used **131 rebranded Chrome extensions** to automate bulk outreach against **Brazilian users**, creating a large-scale abuse channel that...

Open Happening

Varonis Interceptor launches as AI-native email and browser security

Security Tool/Service
First: 13.10.2025 17:04 Last: 13.10.2025 17:04 Sources 1

About this happening: **Varonis** launched **Varonis Interceptor**, an **AI-native email security** and browser security product designed to block **phishing**, **business email compromise**, **social...

Open Happening

Timeline

  1. 16.04.2026 17:09 2 articles · 1mo ago

    ATHR disclosed as an automated vishing platform

    Initial Disclosure

    ATHR is described as a productized underground phishing and vishing platform that automates TOAD attacks with brand-specific email templates, per-target customization, spoofing mechanisms, Asterisk and WebRTC call routing, and AI voice agents to harvest credentials for Google, Microsoft, Coinbase, Binance, Gemini, Crypto.com, Yahoo, and AOL accounts.

    Show sources
    Open in new tab