Cyber Criminals Can Clone Branded Websites

Uploaded on 2025-03-04 in NEWS-Cybersecurity News, FREE TO VIEW

The cyber criminal software developers behind the Darcula Phishing-as-a-Service (PhaaS) platform are developing a new version enabling cyber criminals to clone any brand's legitimate website and create a phishing version. Their aim is to reduce the technical expertise required to carry out phishing attacks at scale.

The new version adds first-of-its-kind personalisation capabilities to the previously built Darcula V2 platform, using tools to allow criminals to build advanced phishing kits that can target any brand's website with the click of a button.  

The latest iteration of the phishing suite "represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customisable phishing campaigns," according to an analysis from Netcraft

The cyber security company said it has detected and blocked more than 95,000 new Darcula phishing domains, nearly 31,000 IP addresses, and taken down more than 20,000 fraudulent websites since it was exposed in late March 2024.

The most  significant change incorporated into Darcula v.3  is the ability for any user to generate a phishing kit for any brand on-demand.

"The new and remastered version is now ready for testing," the core developers behind the service said in a post made on January 19, 2025, in a Telegram channel that has over 1,200 subscribers. "Now, you can also customise the front-end yourself. Using Darcula-suite, you can complete the production of a front-end in 10 minutes." All a customer has to do is provide the URL of the brand to be impersonated in a web interface, with the platform employing a browser automation tool like Puppeteer to export the HTML and all required assets.

Users can then select the HTML element to replace and inject the phishing content (e.g., payment forms and login fields) such that it matches the look and feel of the branded landing page. The generated phishing page is then uploaded to an admin panel.

Besides featuring dashboards that highlight the aggregated performance statistics of the phishing campaigns, Darcula v3 goes a step further by offering a way to convert the stolen credit card details into a virtual image of the victim's card that can be scanned and added to a digital wallet for illicit purposes. The cards are loaded onto disposable 'burner' phones and sold to other criminals.

For managing phishing campaigns, Darcula offers an easy-to-use interface that aggregates a variety of performance metrics. 

Without having to do anything, their phishing attacks benefit from a variety of anti-detection measures including IP blocking aimed at cyber security companies and user agent blocking designed to fend off Web crawlers. 

Netcraft   |   The Hacker News     |     Netcraft     |     Dark Reading     |     Bleeping Computer  |   SC Media     |    

Facebook

Image: Ideogram

You Might Also Read: 

AI-Based Phishing Attacks Demand A Multi-Pronged Response:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cyber Doomsday Warnings Do More Harm Than Good
Salt Typhoon Exploited Cisco Vulnerabilities »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

DomainTools

DomainTools

DomainTools is the global leader for internet intelligence and the first place security practitioners go when they need to know.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

Redjack

Redjack

Redjack is a cutting-edge network analytics company focused on enterprise and ISP security and intelligence solutions.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

XLAB

XLAB

XLAB is an R&D company with a strong research background in the fields of distributed systems, cloud computing, security and dependability of systems.

Digital Resolve

Digital Resolve

Digital Resolve delivers solutions that help companies maintain trust and confidence through proven and cost-effective fraud-protection and identity intelligence technology.

InterVision

InterVision

InterVision is a leading Strategic Services Provider, assisting businesses in driving value and gaining a competitive edge by helping IT Leaders solve the most crucial challenges they face.

Swisscom Blockchain

Swisscom Blockchain

Swisscom Blockchain is focused on supporting the implementation and adaption of Blockchain-based platforms in enterprises across diverse industries.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

ProjectDiscovery

ProjectDiscovery

ProjectDiscovery is an open-source, cybersecurity company that builds a range of software for security engineers and developers.

Offensive Security Manager (OSM)

Offensive Security Manager (OSM)

Offensive Security Manager is the ultimate AI software that will enforce offensive security automation, orchestration, coverage, ensure quality, and lets you manage whole process.

Ingenics Digital

Ingenics Digital

Ingenics Digital is a recognized initiator and leading service provider in the areas of software development and embedded systems.

Lenze

Lenze

Lenze are an experienced partner for automation systems, digitalization and cyber security.