A new criminal platform has just emerged. Discovered by researchers at Abnormal Security, the platform is called Atlantis AIO, and allows cybercriminals to orchestrate credential stuffing attacks. This tactic involves using pairs of credentials (usernames and passwords) stolen during previous data breaches to fraudulently access accounts on other online services.
This tactic is responsible for some of the data leaks recorded in France. It relies on the negligence of Internet users, who too often reuse their credentials. In turn, hackers can recycle the compromised information to carry out attacks against many different sites. As long as two-factor authentication is not enabled, they can easily gain access to an account. It's "one of the most effective and widespread cyberattacks," Abnormal Security emphasizes.
Millions of automated brute force attacks
Through Atlantis AIO, hackers are able to automate credential stuffing operations. The platform is designed to conduct brute force attacks using credentials provided by cybercriminals, and it relies on automated bots to speed up the rate of login attempts. Atlantis AIO is also capable of bypassing CAPTCHAs, which are designed precisely to block the bots that carry out such attacks. The tool "allows attackers to test millions of stolen credentials" in rapid succession.
Once an account falls under its control, the platform can automatically monetize it. In other words, it will put up for sale the credentials used to log in to the account. Many cybercriminals, including budding hackers, are indeed interested in purchasing credentials whose validity has been verified. These accounts are most often grouped together and resold in bulk on black markets.
As Abnormal Security explains, the platform automates the entire process of hacking and monetizing an account. This is why researchers believe it is a new "powerful weapon in the arsenal of cybercriminals."
140 sites are targeted
To take advantage of Atlantis AIO's features, cybercriminals must take out a paid subscription. The platform's developers also advertise it on dark web sites and various black markets. They explain that Atlantis AIO offers "unparalleled reliability, blazing speeds, and innovative features," making it "the ultimate choice" for cybercriminals organizing hacks.
The platform is programmed to bypass the security of 140 online services, including Hotmail, AOL, Yahoo, and Mail.com. It has a dedicated module for hacking online messaging services, giving criminals access to Internet users' inboxes. They can then use that access to spread phishing emails. The tool also targets "commerce sites, streaming services, VPNs, financial institutions, and even food delivery services."
A widespread bad habit
The emergence of this criminal platform is likely to be accompanied by an explosion of credential stuffing attacks in the near future. This is why it is important to protect yourself against the reuse of compromised credentials. First of all, never reuse the same credentials across multiple online accounts. This bad habit makes it easier for criminals to do their job.
A study by Avast reveals that 51% of French people use the same password for multiple online accounts, although 84% of them admit that it's a bad idea. Choose different login details for each account. Above all, opt for a complex password made up of random characters. Don't hesitate to use a password manager to make your life easier. Also, take the time to set up two-factor authentication as soon as it's available.
Source: Abnormal Security