Darcula
Darcula is a Chinese-language "phishing as a service" (PhaaS) platform that has been used in phishing attacks against organizations (government, airlines) and services (postal, financial) in over 100 countries.[1][2] Darcula offers cybercriminals more than 20,000 counterfeit domains (to spoof brands) and over 200 templates.[1][2] Darcula uses iMessage and RCS (Rich Communication Services) to steal credentials from Android and iPhone users.[3]
In May 2025, the Norwegian Broadcasting Corporation (NRK), in collaboration with BR, Le Monde, and the Norwegian cybersecurity company mnemonic, reported on Darcula.[4][5][6][7] They reported that the group was able to steal a total of 884,000 credit cards from victims during a period of seven months between 2023 and 2024. They also claimed that the software used by the group, Magic Cat, was developed by Yucheng C., a 24-year-old man from Henan, China.[8]
References
1. "Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection". The Hacker News.
2. "New Darcula phishing service targets iPhone users via iMessage". BleepingComputer.
3. "'Darcula' Phishing-as-a-Service Operation Bleeds Victims Worldwide". www.darkreading.com.
4. "Inside the Scam Network". nrk.no.
5. "The Chinese Scammers Behind the Fake DHL Messages". br.de.
6. "« Votre colis n'a pas pu être livré » : enquête sur les arnaques à la carte bancaire par SMS". lemonde.fr.
7. "Exposing Darcula: a rare look behind the scenes of a global Phishing-as-a-Service operation". mnemonic.io.
8. "The Hunt for Darcula". nrk.no.