- About 600 threat actors use Darcula, experts warn
- They managed to steal more than 800,000 credit card details in less than a year
- Mobile devices are the main targets for phishing these days
Darcula, an infamous phishing-as-a-service (PhaaS) kit, helped hundreds of its users steal nearly a million credit cards in about half a year, cybersecurity researchers said.
Analysts from NRK, Bayerischer Rundfunk, Le Monde, and Norwegian security company Mnemonic have dug deep into Darcula, which in just seven months between 2023 and 2024 served some 600 operators.
The attackers were able to generate 13 million clicks on malicious links sent via SMS to targets around the world and, as a result, were able to steal 884,000 credit cards.
AI-generated threats
Darcula reportedly focuses on mobile platforms, Android and iOS, uses 20,000 domains, and can easily spoof well-known brands.
It stands out from other similar platforms by using RCS and iMessage instead of regular SMS, which makes its attacks more effective.
To make things worse, Darcula allows its users to automatically generate phishing kits for almost any imaginable brand and to convert stolen credit cards into virtual cards. With the help of generative artificial intelligence (GenAI), they can also create phishing messages in almost any language and on almost any subject.
Darcula operators seem to be of Chinese origin, because most communication takes place in closed, Chinese-language groups. Researchers have also observed SIM farms and hardware setups that allow operators to send text messages in bulk and process credit cards via terminals.
A September 2024 report from Zimperium security researchers argued that four out of five (82%) of all phishing sites today target mobile devices, as they are generally less well protected and more often unmanaged compared to desktop and laptop computers.
Defense against phishing, however, has not changed much. It still revolves around common sense and being skeptical of all incoming messages, especially those that convey a sense of urgency or carry unexpected attachments.
Clicking on links in emails and SMS messages, especially those hidden behind a placeholder or a URL shortener, is also risky.
Via BleepingComputer