New Atlantis AIO platform automates credential stuffing on 140 services www.bleepingcomputer.com/news/secu…

A new cybercrime platform named ‘Atlantis AIO’ provides an automated credential stuffing service against 140 online platforms, including email services, e-commerce sites, banks, and VPNs.

Specifically, Atlantis AIO features pre-configured modules for these services to perform brute force attacks, bypass CAPTCHAs, automate account recovery processes, and monetize stolen credentials/accounts.

Credential stuffing is a type of cyberattack where threat actors try out a list of credentials (usernames + passwords) they stole or sourced from leaked data breaches against platforms hoping to gain access to accounts. If the credentials match and the account isn’t protected by multi-factor authentication, they can hijack it, lock the legitimate owner out, and then abuse or resell the account to others.