heise PlusAbo
Anzeige

Cybercrime tool Atlantis AIO to enable automated password attacks

Unfortunately, organized online crime never sleeps: security researchers have discovered Atlantis AIO, a powerful tool for hijacking accounts.

listen Print view
A symbolic lock next to input fields for log-in data

(Image: Song_about_summer/Shutterstock.com)

2 min. read
Security
By
Contents

Innovations are actually a welcome thing. But when it comes to the cybercrime-as-a-service (CaaS) business model, they are certainly not: security researchers from Abnormal have come across a new cybercrime tool called Atlantis AIO in an underground forum, which is designed to optimize password attacks – - at least that is the advertising promise of the criminal providers.

Questionable business model

In the context of CaaS, criminals offer tools and infrastructures for cyberattacks. What is perfidious is that the attack tools are often designed in such a way that even cybercrime novices understand them. The providers collect a commission after successful attacks.

Advertising for cybercrime services: Atlantis AIO providers promise an all-round carefree package including a promise to protect privacy.

(Image: Abnormal)

Behind this are organized professional criminals who promote their tools on the Darknet with advertisements and support. This is also the case with the Atlantis AIO tool recently discovered by security researchers.

In a report, they provide an overview of the credential stuffing attack tool. In such attacks, attackers try out access data from huge lists of leaked passwords on a large scale in order to hijack online accounts. This is done automatically and at high speed. If there is a hit, criminals take over the account in question.

According to the criminal providers' advertising promises, Atlantis AIO is designed to do this even more effectively. According to them, the tool comes with more than 140 modules tailored to various online services. For example, automated attacks on the accounts of email providers such as Gmx.de and Web.de are possible with just a few clicks. The researchers state that there are also modules for various financial services and streaming providers, among others.

Once attackers have taken over an email account, they can misuse it to send spam, for example. Captured log-in data from streaming providers can be sold on the online black market.

Videos by heise

The tool should not only work quickly and efficiently, it should also be able to solve security measures such as captchas. The providers also want to continuously expand the range of functions. Atlantis AIO shows once again how frighteningly innovative and professional cyber criminals operate the CaaS business model.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten