New Atlantis AIO platform automates credential stuffing on 140 services

A new cybercrime platform named 'Atlantis AIO' provides an automated credential stuffing service against 140 online platforms, including email services, e-commerce sites, banks, and VPNs. Specifically, Atlantis AIO features pre-configured modules for these services to perform brute force attacks, bypass CAPTCHAs, automate account recovery processes, and monetize stolen credentials/accounts. Credential stuffing and automation Credential stuffing is a type of cyberattack where threat actors try out a list of credentials (usernames + passwords) they stole or sourced from leaked data breaches against platforms hoping to gain access to accounts. If the credentials match and the account isn't protected by multi-factor authentication, they can hijack it, lock the legitimate owner out, and then abuse or resell the account to others. This type of attack is popular and widespread, with large credential-stuffing attacks occurring daily. Over the years, these attacks have impacted brands and ... Read full article.