Cybercrime just got easier. A new artificial intelligence off-the-shelf phishing kit named darcula now enables even inexperienced cyber criminals to impersonate any corporate brand with a complex, customizable campaign. Phishing generally refers to a form of online fraud where attackers attempt to steal sensitive information such as passwords, credit card numbers, or bank account details.
“The criminals at darcula are back for more blood, and they mean business with one of the more impactful innovations in phishing in recent years. The new version of their “Phishing-as-a-Service” (PhaaS) platform, darcula-suite adds first-of-its-kind personalization capabilities …to allow criminals to build advanced phishing kits that can now target any brand with the click of a button,” says Cybersecurity company, Netcraft.
A new and even more deadly version of darcula-suite is expected to launch sometime before the end of the month. Darcula has already had a major impact on more than 200 brands worldwide, which the criminal organization targeted with pre-built phishing kits. For example, Netcraft has identified and blocked more than 95,000 malicious darcula URL web addresses and taken down more than 20,000 malicious domains over the last 10 months.
DIY phishing kits target any brand
Artificial intelligence (AI)-driven phishing and social-engineered attacks continue to make criminal behavior more accessible to dishonest hackers than ever before. With darcula’s new suite of tools, less technical criminals can now build do-it-yourself (DIY) phishing kits that can impersonate any brand’s website with the click of a button .
“From our analysis, the biggest innovation baked into the darcula-suite is the ability for any user to generate a phishing kit for any brand, regardless of technical ability or prior resources. These on-demand, DIY phishing kits represent a massive risk,” says Netcraft.
Just like legitimate Software-as-a-Service (SaaS) products, the darcula-suite PhaaS platform provides admin dashboards that make it simple for fraudsters to manage their various campaigns. The admin dashboard also offers fraudsters a simplified user interface for managing stolen credit cards and stolen credentials. The darcula dashboards are built on enterprise-grade systems.
“This attention to detail isn’t necessarily an effort to legitimize darcula but rather, make the experience easier and more accessible, just like any other SaaS platform,” says darcula.
