Cyber Criminals Can Clone Branded Websites

Uploaded on 2025-03-04 in NEWS-Cybersecurity News, FREE TO VIEW

The cyber criminal software developers behind the Darcula Phishing-as-a-Service (PhaaS) platform are developing a new version enabling cyber criminals to clone any brand's legitimate website and create a phishing version. Their aim is to reduce the technical expertise required to carry out phishing attacks at scale.

The new version adds first-of-its-kind personalisation capabilities to the previously built Darcula V2 platform, using tools to allow criminals to build advanced phishing kits that can target any brand's website with the click of a button.  

The latest iteration of the phishing suite "represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customisable phishing campaigns," according to an analysis from Netcraft

The cyber security company said it has detected and blocked more than 95,000 new Darcula phishing domains, nearly 31,000 IP addresses, and taken down more than 20,000 fraudulent websites since it was exposed in late March 2024.

The most  significant change incorporated into Darcula v.3  is the ability for any user to generate a phishing kit for any brand on-demand.

"The new and remastered version is now ready for testing," the core developers behind the service said in a post made on January 19, 2025, in a Telegram channel that has over 1,200 subscribers. "Now, you can also customise the front-end yourself. Using Darcula-suite, you can complete the production of a front-end in 10 minutes." All a customer has to do is provide the URL of the brand to be impersonated in a web interface, with the platform employing a browser automation tool like Puppeteer to export the HTML and all required assets.

Users can then select the HTML element to replace and inject the phishing content (e.g., payment forms and login fields) such that it matches the look and feel of the branded landing page. The generated phishing page is then uploaded to an admin panel.

Besides featuring dashboards that highlight the aggregated performance statistics of the phishing campaigns, Darcula v3 goes a step further by offering a way to convert the stolen credit card details into a virtual image of the victim's card that can be scanned and added to a digital wallet for illicit purposes. The cards are loaded onto disposable 'burner' phones and sold to other criminals.

For managing phishing campaigns, Darcula offers an easy-to-use interface that aggregates a variety of performance metrics. 

Without having to do anything, their phishing attacks benefit from a variety of anti-detection measures including IP blocking aimed at cyber security companies and user agent blocking designed to fend off Web crawlers. 

Netcraft   |   The Hacker News     |     Netcraft     |     Dark Reading     |     Bleeping Computer  |   SC Media     |    

Facebook

Image: Ideogram

You Might Also Read: 

AI-Based Phishing Attacks Demand A Multi-Pronged Response:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cyber Doomsday Warnings Do More Harm Than Good
Salt Typhoon Exploited Cisco Vulnerabilities »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Prim'X Technologies

Prim'X Technologies

Prim'X Technologies provides information protection solutions to prevent unauthorised access to sensitive data.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

BCS Financial

BCS Financial

BCS Financial delivers financial and insurance solutions. Specialty risk products include Cyber and Privacy Liability insurance.

Herbert Smith Freehills

Herbert Smith Freehills

Herbert Smith Freehills is a leading professional services including data protection and privacy.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

RCDevs

RCDevs

RCDevs is an award-winning Software company providing security solutions designed for modern enterprise technologies and suited for SMEs to large corporations.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

Recruit.net

Recruit.net

Recruit.net allows job seekers to instantly find millions of jobs from thousands of web sites with a single search.

Guardian Data Destruction

Guardian Data Destruction

Guardian Data Destruction provides a comprehensive suite of onsite e-data destruction services.

BridgingMinds Network

BridgingMinds Network

BridgingMinds Network is an industry leading best practices and IT security training provider in Singapore.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

Security Compliance Associates (SCA)

Security Compliance Associates (SCA)

The sole focus of SCA is safeguarding critical information and complying with information security regulations.

SentryMark

SentryMark

Stay a Step Ahead of Emerging Threats. Deviate from the traditional siloed defenses and get the proactive and responsive cybersecurity solutions and services you deserve with SentryMark today.

Roundsec

Roundsec

Roundsec provide information security services including risk assessment and pentesting of sites and apps.

Five Tattva (5Tattva)

Five Tattva (5Tattva)

At 5TATTVA, we stand at the forefront of cybersecurity, dedicated to providing comprehensive solutions that fortify your digital defences.

Attaxion

Attaxion

Attaxion is an External Attack Surface Management (EASM) Platform. We offer attack surface management solutions with #1 asset coverage and laser-focused, actionable intelligence.