New AI vishing tool ATHR enables large-scale credential theft
Key Takeaways A sophisticated AI-powered vishing platform named ATHR has emerged, enabling large-scale credential theft. ATHR automates the entire attack chain, from email delivery to AI-driven voice...
Key Takeaways
- A sophisticated AI-powered vishing platform named ATHR has emerged, enabling large-scale credential theft.
- ATHR automates the entire attack chain, from email delivery to AI-driven voice interaction and real-time credential harvesting, making it highly scalable and accessible to less-skilled attackers.
- The platform leverages the Telephone-Oriented Attack Delivery (TOAD) method, sending seemingly innocuous emails containing only a phone number, bypassing many traditional email security filters.
- Organizations and individuals are at risk of account compromise across major platforms like Google, Microsoft, Yahoo, AOL, and cryptocurrency exchanges such as Coinbase and Binance.
A new, highly automated cybercrime platform, dubbed ATHR, is enabling threat actors to conduct large-scale credential theft through AI-powered vishing. This sophisticated tool streamlines the entire attack process, from initial contact to harvesting sensitive user data, posing a significant challenge to conventional cybersecurity defenses.
Table Of Content
Unlike traditional phishing campaigns that rely on malicious links or attachments, ATHR employs a method known as Telephone-Oriented Attack Delivery (TOAD). This tactic involves sending simple emails containing only a phone number, which targets are prompted to call. The dangerous interaction unfolds over the phone, where an AI-driven agent manipulates the victim into divulging sensitive information or installing remote access software.
Because the initial email contains no overtly malicious elements, it often sails past standard security filters, making ATHR particularly insidious. The platform is now available on underground cybercrime forums for a price of $4,000, plus a 10% share of any profits generated from its use.
Abnormal Security Uncovers ATHR Operations
Analysts and researchers at Abnormal Security first identified the ATHR platform while monitoring illicit cybercrime activities. Their detailed findings, published on April 16, 2026, shed light on the sophisticated nature of this new threat. Researchers Aaron Orchard, Callie Baron, and Piotr Wojtyla highlighted that ATHR is not merely another phishing kit but a comprehensive, integrated attack system.
The platform features four core components: a built-in email mailer, an AI-powered voice agent, a real-time credential harvesting panel, and a unified operator workspace. These components operate in concert, managed through a single browser-based interface, simplifying the execution of complex vishing campaigns.
ATHR supports credential harvesting for eight prominent brands, including Google, Microsoft, Yahoo, AOL, and major cryptocurrency exchanges like Coinbase, Binance, Gemini, and Crypto.com. During a call with the AI agent, operators can simultaneously direct victims to a deceptive login page, capturing their email addresses and passwords in real time. Abnormal’s observations revealed a live dashboard displaying 243 total interactions, 12 active sessions, and 87% campaign utilization, underscoring the platform’s active deployment and effectiveness.
What differentiates ATHR from previous TOAD operations is its unparalleled level of automation. Historically, executing a TOAD attack required manual coordination of disparate tools for email delivery, phone interactions, and data capture. ATHR eliminates this complexity, consolidating all functionalities into one platform, allowing even a single individual with limited technical expertise to orchestrate full-scale vishing campaigns.
ATHR’s AI Vishing Agent: The Core of the Attack
The most distinctive and dangerous feature of ATHR is its integrated AI vishing agent, which conducts voice-based social engineering without human intervention. When a target dials the number provided in a phishing email, the AI agent answers and follows a meticulously crafted, multi-step script. This script guides the victim through a deceptive process, starting with verifying the callback, describing fabricated suspicious account activity, requesting phone number confirmation, initiating a fake recovery process, and ultimately soliciting a six-digit verification code. The script encompasses 10 distinct sections, as detailed in Abnormal’s analysis.
The AI agent employs a custom text-to-speech engine, ATHR TTS, powered by a model named Sonic 3. This engine produces a clear, natural-sounding voice designed to mimic a legitimate support representative from a trusted company. This highly convincing voice, combined with email lures that include specific timestamps, locations, and IP addresses for alleged suspicious activity, leaves victims with little reason to doubt the authenticity of the alert.
The email lures themselves are generated using an NFA mailer capable of spoofing sender names to appear as legitimate brands. For instance, a pre-configured template for Google sends a “Security Alert: Account Temporarily Locked” email, offering 10 customizable fields to enhance its authenticity.
What You Should Do
- Educate Users: Train employees and users to never call phone numbers provided in unexpected security alert emails. Emphasize the importance of verifying any such alerts by directly visiting the official website of the service or company in question, using known contact information.
- Monitor Email Activity: Security teams should implement and monitor for unusual patterns in incoming email traffic, specifically looking for multiple recipients within the organization receiving messages with the same embedded phone number in a condensed timeframe.
- Enhance Detection Capabilities: Since ATHR lures can successfully pass SPF, DKIM, and DMARC checks, relying solely on these technical authentication signals is insufficient. Deploy behavioral AI-based detection systems that can analyze and map normal communication patterns for individual users and senders to identify and flag anomalous activities before a call is placed.
- Implement Multi-Factor Authentication (MFA): Ensure strong MFA is enforced across all accounts and services, as it adds an essential layer of security that can prevent unauthorized access even if credentials are compromised.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.