Latest news with #AtlantisAIO


Forbes
01-08-2025
Information-Stealing Machine Behind Theft Of 1.8 Billion Credentials
The days of cybercrime being committed by the once stereotypical hacker in the basement, acting alone, are long gone. Organized crime rules the criminal hacking roost now, and this is evidenced time and time again by the sheer scale of the cyberattacks we see. When talking about an information-stealing machine, you may be forgiven for thinking of the Katz Stealer cybercrime-as-a-service operation that charges hackers as little as $30 to compromise thousands of passwords from the most popular web browsers, or maybe the Atlantis AIO automatic password-hacking machine that brings credential-stuffing into the hands of the cybercriminal. But the machine in the headline is bigger than all of them. Because it is all of them. New threat intelligence has revealed the extent to which organized information-stealing has erupted in just the first six months of 2025. I trust you are sitting down.
Global Threat Intelligence Index Reveals Information-Stealing Machine In Action
The latest analysis from the threat intelligence team at Flashpoint has just been published, and it makes for some very disturbing reading indeed. It's hard to know where to start when it comes to the alarming statistics that cover just the first six months of the year. The 235% surge in data breaches, two-thirds of them in the U.S., it must be said, exposing a staggering 9.45 billion records, is bad enough. But this is dwarfed by the 800% rise that has been observed in stolen credentials, with 1.8 billion compromised by information-stealers. The two sets of numbers are, however, intrinsically linked: unauthorized access accounted for nearly 78% of all reported data breach incidents. No wonder infostealers are the initial access weapon of choice for so many criminal hackers. The rise of identity as a primary attack vector is, without a shadow of a doubt, fueled by infostealers.
'They enable initial access that can cascade into significant data breaches across organizations and their supply chains,' the report warned, and have 'gained traction due to their low cost, accessibility, and ability to provide threat actors with deeper access than many other initial access vectors.' It can surely be no coincidence that Flashpoint has reported a 179% increase in ransomware incidents during the same time period as the information-stealing machine activity has spiked. 'With ransomware up 179% and data breaches surging 235%, the sheer scale of malicious activity is undeniable,' Ian Gray, Flashpoint's vice president of cyber threat intelligence operations, said.
The report recommended that organizations 'implement a two-pronged approach' that combines the use of compromised credential dataset intelligence alongside alerting based on specific affected domains. You might also want to consider switching to a stronger credentials technology than passwords and basic 2FA, by which I am referring to passkeys, of course. Why make things easy for the information-stealing machine, after all?


Forbes
25-03-2025
Automatic Hacking Machine Uses Millions Of Stolen Passwords To Attack
Don't say you weren't warned. The threat from infostealer malware has been made pretty clear as billions of passwords are reported compromised, 85 million of the newest being used in ongoing attacks, and even two-factor authentication in isolation might not be enough to save you as hackers use session cookies to bypass 2FA code protections. That threat has just been amplified by a report revealing how an automatic hacking machine called Atlantis AIO is using millions of stolen passwords to gain access to email, VPN, streaming services and even food delivery accounts.
Credential stuffing is not new; let's make that clear right from the start. However, it is a very dangerous attack methodology and is becoming increasingly so. Attackers are always looking to develop new tools that can help them carry out their attacks, as I reported March 15 after leaked Black Basta ransomware group internal chat logs revealed how it was using an automated brute-force attack framework. As both brute-force and credential stuffing terms suggest, these attacks essentially hammer an account with as many usernames and password combinations as possible in the hope that one will be correct and gain entry. OK, so that's the simplified explanation, but by using lists of stolen or compromised credentials readily available from dark web marketplaces and in various criminal forums, it's possible for hackers to access other accounts that share the same passwords.
A March 25 threat intelligence report from Abnormal Security has sounded the alarm about an automatic hacking machine, known as Atlantis AIO, that can take these millions of stolen passwords and use them in just such credential stuffing attacks. 'Atlantis AIO has emerged as a powerful weapon in the cybercriminal arsenal,' Abnormal Security analysts said, 'enabling attackers to test millions of stolen credentials in rapid succession.'
Where Atlantis excels, however, is in providing pre-configured modules to automate the targeting of specific services, from email providers such as Hotmail, Yahoo, AOL and GMX, to streaming services, VPNs, financial institutions, and even food delivery services. In fact, the report revealed the Atlantis AIO hacking machine can be aimed at more than 140 different platforms. 'By offering pre-configured modules for targeting a range of platforms and cloud-based services,' the threat intel report warned, 'it allows cybercriminals to launch credential stuffing attacks at scale with minimal effort.' The secret to the success of this automatic hacking machine is its modular approach. This can be demonstrated across three areas.
The use of a password manager to ensure unique and strong passwords for every account, along with two-factor authentication for all your accounts, can help mitigate this kind of attack. 'Don't share your passwords between accounts' is the most pertinent advice, so follow it.