The Darcula phishing-as-a-service platform has stolen approximately 884,000 credit cards from users globally through deceptive SMS messages over a seven-month period. Investigative efforts by multiple organizations revealed the platform’s elaborate operation, including the use of advanced tactics and tools like ‘Magic Cat.’ This cybercrime service has evolved rapidly, enabling operators to efficiently craft targeted phishing campaigns across various communication channels.
Keypoints :
- Darcula platform stole 884,000 credit cards from 13 million clicks on malicious links from SMS phishing texts.
- Research identified 600 cybercrime operators and the platform’s primary creator, linked to a 24-year-old individual in China.
- Darcula targets users in over 100 countries using spoofed brand domains and sophisticated phishing techniques, including SMS and RCS/iMessage.
- Operators utilized a powerful phishing toolkit called ‘Magic Cat,’ which enhances the effectiveness of their attacks.
- The platform has introduced features like auto-generating phishing kits, credit card converters, and generative AI for crafting scams.
- Investigation uncovered lavish lifestyles of scammers financed through the operation, monitored through closed Telegram groups.
- Despite company claims of shutting down Magic Cat, new versions continue to emerge.