New ATHR vishing platform uses AI voice agents for automated attacks
Summary
ATHR is a cybercrime platform that automates vishing attacks (voice phishing, where attackers trick people into revealing passwords over the phone) using AI voice agents and human operators to steal login credentials from services like Google and Microsoft. The platform handles the entire attack chain, from sending fake security alert emails to using AI-driven phone calls that impersonate support staff and extract verification codes. According to researchers, ATHR makes vishing attacks much easier to launch because it requires less technical skill and manual work than traditional attacks.
Solution / Mitigation
Detection is possible by checking communication behavioral patterns between a sender and a recipient to identify if similar lures containing a phone number reached the organization within a short time frame. Abnormal researchers say that modeling normal communication behavior across the organization can help AI-powered detection flag anomalies before targets make a call.
Classification
Affected Vendors
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
Original source: https://www.bleepingcomputer.com/news/security/new-athr-vishing-platform-uses-ai-voice-agents-for-automated-attacks/
First tracked: April 16, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%