Security News > 2024 > March > New Darcula phishing service targets iPhone users via iMessage
One thing that makes the service stand out is that it approaches the targets using the Rich Communication Services protocol for Google Messages and iMessage instead of SMS for sending phishing messages.
"The Darcula platform has been used for numerous high-profile phishing attacks over the last year, including messages received on both Apple and Android devices in the UK, as well as package scams impersonating United States Postal Service highlighted in numerous posts on Reddit's /r/phishing." - Netcraft.
Unlike traditional phishing methods, Darcula employs modern technologies like JavaScript, React, Docker, and Harbor, enabling continuous updates and new feature additions without clients needing to reinstall the phishing kits.
The phishing kit offers 200 phishing templates that impersonate brands and organizations in more than 100 countries.
Abandoning SMS. Darcula diverges from traditional SMS-based tactics and instead utilizes RCS and iMessage to send victims messages with links to the phishing URL. The advantage from this is that the recipients are more likely to perceive the communication as legitimate, trusting the additional safeguards that aren't available in SMS. Moreover, since RCS and iMessage support end-to-end encryption, it is impossible to intercept and block phishing messages based on their content.
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts.