According to results from Abnormal Security, threat actors are using an e-crime tool called Atlantis AIO Multi-Checker to manage token packing problems.
According to the cybersecurity firm, Atlantis AIO “has emerged as a powerful tool in the fraudster arsenal, allowing attackers to check millions of stolen qualifications in quick succession.”
A cybercriminal uses stolen account credentials, which are usually composed of lists of usernames, email addresses, and passwords, to eavesdrop on user accounts on related systems through extensive automated login requests. Credential stuffing is a type of cyberattack.
These credentials may be obtained from a social media service’s data breach or been acquired from secret forums where they are being sold by different threat actors.
Similar to brute-force problems, which involve using a trial-and-error technique to crack credentials, login credentials, and encryption tips, login cramming is different from brute-force attacks.
According to Abnormal Security, Atlantis AIO gives threat actors the ability to build credential-loading attacks at range using pre-configured modules to target a variety of platforms and cloud-based services, thus facilitating scams, data theft, and account takeovers.
A fraudster tool intended to stop credential-loading strikes is called” Atlantis AIO Multi-Checker.” It is rapidly test thousands of username and password combinations across more than 140 systems, making it worthy of testing stolen credentials at scale.
The threat actors behind the system also assert that it was founded on” a basis of proven achievement” and that they have thousands of happy customers, while also assuring customers of the security guarantees that are included in the program in order to keep their purchases secret.
In the official ad, they claim that” we consistently lead the charge for solutions that yield unmatched results” and that “every feature, update, and conversation is crafted with meticulous attention to enhance your knowledge beyond expectations.
Email clients that Atlantis AIO serves contain GMX, Yahoo, Yahoo, Yahoo, AOL, and Web. as well as e-commerce, streaming, VPN, economic corporations, and food delivery services.
Another significant feature of the application is its capability to manage account recovery procedures associated with eBay and Yahoo and conduct brute-force attacks against the above email platforms.
According to Abnormal Security,” Credential stuffing resources like Atlantis AIO give fraudsters a direct route to monetizing stolen credentials.”
Assailants can exploit accounts across a variety of platforms once they have gained access, such as selling user information on black web marketplaces, engaging in fraud, or using affected accounts to disperse spam and launch phishing campaigns.
It’s advised to enact strict password regulations and implement phishing-resistant multi-factor authentication ( MFA ) mechanisms to reduce the risk of account takeover caused by such attacks.