Epieos provides insights into email addresses and phone numbers under suspicion of use by criminal threat actors or their affiliates. It reverses this information into additional insights such as social media accounts, domains, payment platforms used and more.All experts participating in the Cybercrime Atlas, and the organizations they represent, join based on an assessment of their expertise, insights and role in disrupting cybercriminal activity. By bringing these diverse capabilities and skills together, the Cybercrime Atlas community contributes new insights. The impact goes beyond what participants can create by working in isolation. This is demonstrated in Cybercrime-Atlas supported disruptions like the INTERPOL-led Operation Serengeti and 2.0. For example, Fortinet, Trend Micro and Group-IB9 provided individual support to the operations but are also members of the Cybercrime Atlas community and research groups that contributed insights to these operations. Focus on tooling Cybercrime Atlas research and impact have been enhanced through support from specialist tool providers. The Cybercrime Atlas community collaborates with these organizations based on an assessment of mission alignment and quality. Kasm is the Cybercrime Atlas’s secure workspace provider. Without access to Kasm, Cybercrime Atlas researchers could not start work. Kasm’s security has supported onboarding of new experts, allowing them to work swiftly and safely with all needed operational security measures.Maltego is an OSINT platform that supports Cybercrime Atlas researchers in analysing and visualizing connections across diverse data sources. The partnership with Maltego has allowed Atlas researchers to reliably conduct link analysis and draw new insights from their findings. Additionally, with access to Maltego’s Hunchly, Atlas researchers can capture and preserve web data in a structured way to support their investigations. Silent Push provides Cybercrime Atlas researchers with intelligence on malicious technical infrastructure. This supports the identification of criminal IT infrastructure before it is weaponized by cybercriminals. Many of the crimes investigated by the Cybercrime Atlas involve the use of domains as a primary vehicle to lure victims, which is one of several areas in which Silent Push provides Atlas investigators with unique insights.SpyCloud recaptures identity data stolen in phishing attacks, malware infections, and data breaches directly from criminal networks, enabling proactive threat hunting and criminal attribution. Cybercrime Atlas uses these capabilities for reverse engineering on passwords and obtaining insights into breach data, identifying malicious tools used by threat actors and further datapoints related to criminal actors’ additional online accounts.ShadowDragon Horizon is an intelligence platform used by the Cybercrime Atlas for trusted, ethical information collection and analysis. It enables the identification of social media accounts and the mapping of relationships between online entities worldwide – delivering actionable intelligence to drive informed decisions. FIGURE 11 Focus on OSINT tooling Cybercrime Atlas Impact Report 2025 20