Global Darcula Phishing Scam Targets Phones in 100+ Countries
March 28, 2024Oshri Kalfon, an Israeli researcher, uncovered Darcula, a leading phishing-as-a-service platform.
Darcula has created 20,000 phishing domains and operates in over 100 countries, targeting both Android and iPhone users.
The service offers more than 200 templates to mimic legitimate brands and employs advanced technologies for updates.
Unlike traditional phishing schemes, Darcula uses RCS and iMessage, complicating efforts to intercept and block phishing messages.
Despite its widespread operation, Darcula encounters restrictions from tech giants like Apple and Google.
An average of 120 new Darcula phishing domains have been detected daily by Netcraft since the beginning of 2024.
The platform mainly focuses on postal services and targets Chinese-language speaking cybercriminals.
Consumers are urged to be cautious of unexpected messages with URLs and to watch for errors or suspiciously enticing offers to avoid Darcula scams.
Summary based on 3 sources
Get a daily email with more Tech stories
Sources
BleepingComputer • Mar 27, 2024
New Darcula phishing service targets iPhone users via iMessageDark Reading • Mar 27, 2024
'Darcula' Phishing-as-a-Service Operation Bleeds Victims WorldwideHelp Net Security • Mar 27, 2024
Attackers leverage weaponized iMessages, new phishing-as-a-service platform - Help Net Security