Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The Hacker News by The Hacker News
April 24, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Apr 24, 2025Ravie LakshmananPhishing / Cybercrime

The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities.

“This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a fresh report shared with The Hacker News.

“The new AI-assisted features amplify Darcula’s threat potential by simplifying the process to build tailored phishing pages with multi-language support and form generation — all without any programming knowledge.”

Cybersecurity

Darcula was first documented by the cybersecurity company in March 2024 as a toolkit that leveraged Apple iMessage and RCS to send smishing messages to users that trick recipients into clicking on bogus links under the guise of postal services like USPS.

Earlier this year, the operators of Darcula PhaaS began testing a major update that enabled customers to clone any brand’s legitimate website and create a phishing version.

The phishing kit, per PRODAFT, is the work of a threat actor codenamed LARVA-246, and is advertised for sale via a Telegram channel named xxhcvv / darcula_channel. It shares identical features and templates with another PhaaS referred to as Lucid.

Darcula, Lucid, and Lighthouse are assessed to be part of a loosely connected cybercrime ecosystem flourishing out of China, enabling threat actors to pull off various financially motivated scams such as those perpetrated by an activity cluster dubbed Smishing Triad.

“Darcula is one of several communities under the loosely affiliated Smishing-Triad, known for mass-targeting individuals globally via SMS-based phishing (smishing) attacks,” Netcraft said.

What makes Darcula compelling is that it makes it possible for threat actors with little to no technical expertise to easily craft phishing pages and conduct campaigns at scale.

Cybersecurity

The latest improvement to the phishing kit, announced on April 23, 2025, takes the form of GenAI integration that facilitates phishing form generation in various languages, form field customisation, and translation of phishing forms into local languages.

The cybersecurity company said it has taken down more than 25,000 Darcula pages, blocked nearly 31,000 IP addresses, and flagged over 90,000 phishing domains since March 2024.

“This kind of flexibility means a novice attacker can now build and deploy a customized phishing site in minutes,” security researcher Harry Everett said.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Zimperium positioned as a Leader in the 2025 SPARK Matrix™: In-App Protection by QKS Group

Zimperium positioned as a Leader in the 2025 SPARK Matrix™: In-App Protection by QKS Group

Recommended.

Zoomlions gleichnamiger Satellit erreicht seine Umlaufbahn – neue Ära im Maschinenbau mit einer digitalen, intelligenten, grünen und globalen Vision

Zoomlions gleichnamiger Satellit erreicht seine Umlaufbahn – neue Ära im Maschinenbau mit einer digitalen, intelligenten, grünen und globalen Vision

August 12, 2025
Government faces claims of serious security and data protection problems in One Login digital ID | Computer Weekly

Government faces claims of serious security and data protection problems in One Login digital ID | Computer Weekly

April 14, 2025

Trending.

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

October 6, 2025
Cloud Computing on the Rise: Market Projected to Reach .6 Trillion by 2030

Cloud Computing on the Rise: Market Projected to Reach $1.6 Trillion by 2030

August 1, 2025
Stocks making the biggest moves midday: Autodesk, PayPal, Rivian, Nebius, Waters and more

Stocks making the biggest moves midday: Autodesk, PayPal, Rivian, Nebius, Waters and more

July 14, 2025
The Ultimate MSP Guide to Structuring and Selling vCISO Services

The Ultimate MSP Guide to Structuring and Selling vCISO Services

February 19, 2025
Translators’ Voices: China shares technological achievements with the world for mutual benefit

Translators’ Voices: China shares technological achievements with the world for mutual benefit

June 3, 2025

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio