Phishing as a service Darcula may become the next best thing

Nobody has ever heard of Darcula, until now.


This is probably one of the biggest things that I’ve ever seen. According to the article, this thing will be able to pull full web pages and use them in campaigns. With a better user interface and control panel, you don’t need any technical skills to do anything.

The Darcula phishing-as-a-service (PhaaS) platform is preparing to release its third major version, with one of the highlighted features being the ability to create do-it-yourself phishing kits to target any brand.

The upcoming release, currently available as a beta, will remove the targeting scope restrictions that came with offering a finite number of phishing kits by allowing anyone to create their own.

In addition to this new feature, the upcoming release, named ‘Darcula Suite,’ also lifts technical skill requirements and adds a new user-friendly admin dashboard, IP and bot filtering, campaign performance measurement, and automated credit card theft/digital wallet loading.

According to the article, this emerged last year with at least 20,000 domains that are ready to go. Now we need to start trying to figure out what it would take for registrars to start asking questions about what domains are being used for. For a group of people to have this many domains available is beyond unacceptable and I think excessive.

With a much more powerful version underway, Netcraft warns that cybercriminals are moving to it even if the official release isn’t out yet.

The article continues:

“The pull count of the API image has increased by more than 100% and the web image by more than 50% from February 5 to February 10.”

Announcing the availability of Darcula 3.0 test version

The image is a screenshot of a social media post on Telegram. It contains a blurred image with a message stating “Media is too big” and a button labeled “VIEW IN TELEGRAM.” Below the image, there is a message about a new version (V3) available for testing, with redesigned functions allowing customization of a front desk via the “darcula-suite.” It’s in the internal testing stage and will be updated to stable after the New Year. A date and time stamp are visible.

DIY Phishing

For those who do not know, DIY stands for Do It Yourself.

The highlighted feature of the upcoming Darcula Suite is the DIY phishing kit generator that lets “customers” insert the URL for the brand they want to impersonate. The platform will then automatically generate all the required templates for the attack.

The platform clones the legitimate site using the Puppeteer tool, copying the HTML, CSS, images, and JavaScript, to maintain the original design.

To add insult to injury, the fraudster may choose which elements to modify, such as the login fields, payment forms, and two-factor authentication prompts, replace them with phishing pages, use custom error messages, or modify JavaScript to steal input data.

Darcula Suite offers pre-made templates, like fake password reset pages, credit card payment forms, and 2FA code entry prompts.
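For defenders triaging a reported URL, the cloning behaviour described above suggests a simple check. The following is an added example, not code from this post, the article, or Netcraft: it assumes a wholesale copy often keeps the brand's canonical/og:url metadata or absolute asset URLs, and all function names and the sample page are hypothetical and constructed.

```javascript
// Added defensive example: triage heuristic for pages that look like brand clones.
// Assumption (not from the article): clones keep brand metadata or absolute asset URLs.
// Parse the attributes of every <name ...> tag (quoted attribute values only).
function tags(html, name) {
  const out = [];
  for (const m of html.matchAll(new RegExp("<" + name + "\\b([^>]*)>", "gi"))) {
    const attrs = {};
    for (const a of m[1].matchAll(/([\w:-]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/g)) {
      attrs[a[1].toLowerCase()] = a[2] ?? a[3];
    }
    out.push(attrs);
  }
  return out;
}
function hostOf(url, base) {
  try { return new URL(url, base).hostname.toLowerCase(); } catch { return ""; }
}
const sameSite = (host, brand) => host === brand || host.endsWith("." + brand);

function cloneIndicators(html, servedFrom, brandDomain) {
  const host = servedFrom.toLowerCase();
  if (sameSite(host, brandDomain)) return { findings: [], suspicious: false };
  const base = `https://${host}/`;
  const onBrand = (u) => Boolean(u) && sameSite(hostOf(u, base), brandDomain);
  const findings = new Set();
  // 1. Self-referencing metadata that still names the brand.
  const meta = [
    ...tags(html, "link").filter((t) => (t.rel || "").toLowerCase() === "canonical").map((t) => t.href),
    ...tags(html, "meta").filter((t) => (t.property || "").toLowerCase() === "og:url").map((t) => t.content),
  ];
  if (meta.some(onBrand)) findings.add("brand-metadata");
  // 2. Images or scripts still loaded from the brand's own hosts.
  if ([...tags(html, "img"), ...tags(html, "script")].some((t) => onBrand(t.src))) findings.add("brand-hosted-assets");
  // 3. Fields of the kind the kit swaps in: login, card, 2FA code.
  const sensitive = tags(html, "input").some((t) =>
    (t.type || "").toLowerCase() === "password" ||
    /^(cc-|one-time-code)/.test((t.autocomplete || "").toLowerCase()));
  if (sensitive) findings.add("sensitive-input");
  const brandTrace = findings.has("brand-metadata") || findings.has("brand-hosted-assets");
  return { findings: [...findings].sort(), suspicious: brandTrace && sensitive };
}

// Constructed sample: a copy of example.com's sign-in page served from another host.
const SAMPLE = `<head><link rel="canonical" href="https://www.example.com/signin">
<meta property="og:url" content="https://www.example.com/signin"></head><body><img src="/static/logo.png">
<form action="/submit"><input type="password" name="pw"><input name="otp" autocomplete="one-time-code"></form></body>`;
console.log(cloneIndicators(SAMPLE, "signin-example.test", "example.com"));
```

A hit means "look closer", not proof: a kit that rewrites the metadata and hosts every asset locally will not trip checks 1 or 2.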

There is a lot more, so check out the entire article.

Cloning a legitimate site

The image appears to be a screenshot of a computer screen. It includes a central pop-up window containing a form with fields labeled for URL input and options to save. The background shows text in Chinese characters saying “????v3.” Part of a browser window is visible, with webpage elements and code being fetched from a site. The overall color scheme is a blue tint.
Injected payment form for credit card phishing

The article is titled “Darcula PhaaS can now auto-generate phishing kits for any brand,” and you should be paying attention to it.

This is going to get very interesting. Very interesting.
