EN, Netcraft

The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand

Key Data

  • darcula-suite represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customizable phishing campaigns.
  • Novel use of Headless Chrome and browser automation tool allows even non-technical criminals to quickly and easily clone any brand’s legitimate website and create a phishing version.
  • The latest version of darcula-suite is expected to launch in mid-February. 
  • Since March 2024, Netcraft has detected and blocked more than 90,000 new darcula phishing domains, nearly 31,000 IP addresses, and taken down more than 20,000 fraudulent websites on behalf of Netcraft clients after first exposing darcula.

Overview

The criminals at darcula are back for more blood, and they mean business with one of the more impactful innovations in phishing in recent years. The new version of their “Phishing-as-a-Service” (PhaaS) platform, darcula-suite adds first-of-its-kind personalization capabilities to the previously built darcula V2 platform, using Puppeteer-style tools to allow criminals to build advanced phishing kits that can now target any brand with the click of a button.  

In March 2024, Netcraft analysts exposed the innovative darcula phishing platform, created with advanced capabilities and pre-built phishing content aimed at many of the world’s largest brands, most notably the United States Postal service (USPS). The criminal group behind darcula is set to launch its next wave of innovation in February 2025 with darcula-suite.  

The darcula V2 platform had a major impact on more than 200 brands worldwide, which the criminal organization targeted with pre-built phishing kits in its darcula library. For example, Netcraft has identified and blocked more than 95,000 malicious darcula URLs — and taken down more than 20,000 malicious domains on behalf of clients — over the last 10 months.  

The combination of traditional phishing and smishing with AI-drive

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Netcraft

Read the original article: