The harmful Darcula platform, providing phishing services for PHAAS models, is preparing to release the third version, which will significantly expand its capabilities. Information about the new version is important for understanding modern cyberosis and methods of protection against them.
The key innovation will be the “Make yourself” phishing sets, which allows users to conduct complex attacks, imitating any brands. The previous restrictions were removed in the tested beta version of Darcula 3.0: instead of a fixed set of templates, users will be able to generate their own phishing sets, simply indicating the URL addresses of the desired site.
The cloning mechanism is based on the Puppeteer tool, which copies the structure of the original site, including HTML, CSS, Images and JavaScript. Thus, the most accurate copy is created with the possibility of replacing elements, such as authorization forms, pages of entering payment data and two-factor authentication.
In addition, Darcula Suite received a new administrator interface with the functions of blocking bots, filtering IP addresses, monitoring the effectiveness of attacks and convenient campaigns control. Among other innovations – an automatic embedding system of stolen data of payment cards in digital wallets and a tool for creating virtual cards for convenient use of stolen information.
Researchers from Netcraft tested beta version of Darcula 3.0 And they confirmed the declared functionality. According to them, the number of downloads of the images of the containers necessary for the Darcula work, from February 5 to 10, increased more than doubled, which indicates the high interest of attackers in a new tool.
Darcula platform appeared on the market last year using more than 20,000 domains for attacks on iOS and Android users in 100 countries. Netcraft warns that with the release of the third version, the scale of phishing attacks can increase significantly. Over the past ten months, the company’s specialists blocked about 100,000 domains related to Darcula 2.0, and identified 20,000 phishing sites, as well as 31,000 IP addresses used by the platform.
The development of platforms like Darcula emphasizes the need to constant cybersecurity methods and increase user awareness. Modern methods allow attackers to create more and more sophisticated attacks, which requires specialists and organizations of operational response and implementation of advanced protective decisions.