ATHR is a commercial cybercrime platform that automates voice-phishing attacks using AI voice agents and optional human operators to socially engineer victims and harvest account credentials. Advertised on underground forums for $4,000 plus a 10% commission, ATHR automates the full TOAD attack chain—from spoofed, brand-specific emails to Asterisk/WebRTC calls—targeting services like Google and Coinbase. #ATHR #Coinbase
Keypoints
- ATHR automates the entire telephone-oriented attack delivery (TOAD) chain, including lure emails, spoofing, calls, and credential harvesting.
- The platform uses AI-driven voice agents (with an option to route calls to human operators) via Asterisk and WebRTC to mimic support staff and extract verification codes.
- Operators get a dashboard for brand-specific email templates, per-target customization, real-time monitoring, and access to stolen data logs.
- Marketed on underground forums for $4,000 plus a 10% commission, ATHR lowers the technical barrier for attackers to run effective vishing campaigns.
- Detection is possible by modeling normal communication behavior and flagging anomalous patterns, such as repeated lures containing a phone number.