Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The Hacker News by The Hacker News
April 24, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Apr 24, 2025Ravie LakshmananPhishing / Cybercrime

The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities.

“This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a fresh report shared with The Hacker News.

“The new AI-assisted features amplify Darcula’s threat potential by simplifying the process to build tailored phishing pages with multi-language support and form generation — all without any programming knowledge.”

Cybersecurity

Darcula was first documented by the cybersecurity company in March 2024 as a toolkit that leveraged Apple iMessage and RCS to send smishing messages to users that trick recipients into clicking on bogus links under the guise of postal services like USPS.

Earlier this year, the operators of Darcula PhaaS began testing a major update that enabled customers to clone any brand’s legitimate website and create a phishing version.

The phishing kit, per PRODAFT, is the work of a threat actor codenamed LARVA-246, and is advertised for sale via a Telegram channel named xxhcvv / darcula_channel. It shares identical features and templates with another PhaaS referred to as Lucid.

Darcula, Lucid, and Lighthouse are assessed to be part of a loosely connected cybercrime ecosystem flourishing out of China, enabling threat actors to pull off various financially motivated scams such as those perpetrated by an activity cluster dubbed Smishing Triad.

“Darcula is one of several communities under the loosely affiliated Smishing-Triad, known for mass-targeting individuals globally via SMS-based phishing (smishing) attacks,” Netcraft said.

What makes Darcula compelling is that it makes it possible for threat actors with little to no technical expertise to easily craft phishing pages and conduct campaigns at scale.

Cybersecurity

The latest improvement to the phishing kit, announced on April 23, 2025, takes the form of GenAI integration that facilitates phishing form generation in various languages, form field customisation, and translation of phishing forms into local languages.

The cybersecurity company said it has taken down more than 25,000 Darcula pages, blocked nearly 31,000 IP addresses, and flagged over 90,000 phishing domains since March 2024.

“This kind of flexibility means a novice attacker can now build and deploy a customized phishing site in minutes,” security researcher Harry Everett said.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Zimperium positioned as a Leader in the 2025 SPARK Matrix™: In-App Protection by QKS Group

Zimperium positioned as a Leader in the 2025 SPARK Matrix™: In-App Protection by QKS Group

Recommended.

INTAMSYS lance l’imprimante FUNMAT PRO 310 APOLLO : une redéfinition de la production en continu grâce à l’impression en 3D PAEK à haute vitesse et à haute résistance

INTAMSYS lance l’imprimante FUNMAT PRO 310 APOLLO : une redéfinition de la production en continu grâce à l’impression en 3D PAEK à haute vitesse et à haute résistance

November 21, 2025
OPTICAL CABLE CORPORATION SCHEDULES CONFERENCE CALL TO DISCUSS FOURTH QUARTER AND FISCAL YEAR 2025 RESULTS

OPTICAL CABLE CORPORATION SCHEDULES CONFERENCE CALL TO DISCUSS FOURTH QUARTER AND FISCAL YEAR 2025 RESULTS

December 16, 2025

Trending.

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

May 21, 2025
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025
Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

May 8, 2026
VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

September 11, 2025
OpenTable Launches All-in-One Marketplace for Private and Group Dining

OpenTable Launches All-in-One Marketplace for Private and Group Dining

September 16, 2025

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio