CyberSecurity news
FlagThis - #darcula
|
@computerworld.com
//
The Darcula phishing-as-a-service (PhaaS) platform has recently integrated generative AI capabilities, marking a significant escalation in phishing threats. This update allows even individuals with limited technical skills to create highly convincing phishing pages at an unprecedented speed and scale. Security researchers spotted the update on April 23, 2025, noting that the addition of AI makes it simple to generate phishing forms in any language and translate them for new locations, simplifying the process to build tailored phishing pages with multi-language support and form generation — all without any programming knowledge.
The new AI-assisted features amplify Darcula's threat potential and include tools for customizing input forms and enhancing the layout and visual styling of cloned websites, according to Netcraft. The service allows users to provide a URL for any legitimate brand or service, after which Darcula downloads all of the assets from the legitimate website and creates a version that can be edited. Subscribers can then inject phishing forms or credential captures into the cloned website, which looks just like the original. The integration of generative AI streamlines this process, enabling less tech-savvy criminals to deploy customized scams in minutes. This development lowers the technical barrier for creating phishing pages and is considered to be 'democratizing cybercrime'. Netcraft, a cybersecurity company, has reported taking down more than 25,000 Darcula pages and blocking nearly 31,000 IP addresses since March 2024. The Darcula suite uses iMessage and RCS to send text messages, which allows the messages to bypass SMS firewalls. Because of this, enterprise security teams now face an immediate escalation in phishing threats.
Share:
References :
Classification:
@www.bleepingcomputer.com
//
The Darcula phishing-as-a-service (PhaaS) platform is set to launch its third major version, Darcula 3.0, offering cybercriminals unprecedented capabilities. A key feature is the ability for even tech-illiterate individuals to create and deploy do-it-yourself phishing kits targeting any brand globally. This is made possible through browser automation tools like Puppeteer and Headless Chrome, allowing users to clone legitimate websites and inject malicious content with minimal effort. The platform also simplifies the creation of phishing kits by extracting assets and HTML structure from targeted brand websites, enabling fraudsters to customize templates and generate multi-step pages for data collection, such as payment details and two-factor authentication codes.
The updated Darcula platform includes a user-friendly interface that automates the creation of phishing kits. The final product is exported as a “.cat-page” bundle, deployable via Darcula’s admin panel. The admin panel, resembling legitimate Software-as-a-Service (SaaS) platforms, provides dashboards to manage stolen data, monitor campaigns, and configure advanced deception techniques. Built using technologies like Docker, React, and SQLite, it offers IP filtering, web crawler blocking, and device-specific access restrictions to evade detection. The platform also facilitates monetization of stolen data by enabling fraudsters to generate virtual cards from compromised payment details.
Share:
References :
Classification:
|