Darcula is a new phishing-as-a-service (PhaaS) that targets Android and iPhone consumers in more than 100 countries by using 20,000 domains to impersonate brands and collect login credentials.
With more than 200 templates available to fraudsters, Darcula has been used against a wide range of services and organisations, including the postal, financial, government, tax, and utility sectors as well as telcos and airlines.
One feature that distinguishes the service is that it contacts the targets over the Rich Communication Services (RCS) protocol for Google Messages and iMessage rather than SMS for sending phishing messages.
Darcula’s phishing service
Darcula was first discovered by security researcher Oshri Kalfon last summer, but according to Netcraft researchers, the platform is becoming increasingly popular in the cybercrime sphere, having lately been employed across numerous high-profile incidents.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: