Zettawise Cyber Range focusses on assessing the vulnerabilities involved in the process safety, system reliability and physical reliability of the Operating Technology of the Critical Infrastructures.
Member of :

Zettawise Consulting is a part of the joint workforce of SASTRA (RRU, Ministry of Home Affairs, Govt of India) under the aegis of “AtmaNirbhar and AtmaSurakshit Bharat Mission” of Govt of India.
Get Consultation

Cyber Threat Alert: 'DARCULA' Phishing Platform Set to Unveil More Advanced Version

25 Feb 2025 By , , ,

Version 3 makes phishing easier—just Cut n Paste a brand’s URL and let automation do the rest

A new version (Version 3.0) of the phishing-as-a-service (PhaaS) platform "Darcula" is launching. It includes a feature that allows anyone to spoof any brand online with no technical skill required. 

Darcula's last version (V2) was designed to be sleek and user-friendly. It provided hundreds of templates, enabling users to craft phishing content that imitated companies worldwide. The latest update pushes these capabilities further. Now users only need to copy and paste any URL, and Darcula will generate a complete phishing kit (https://www.netcraft.com/blog/darcula-v3-phishing-kits-targeting-any-brand/), whether the target is Tata, Zettawise, or a neighborhood cafe. 

The latest version of Darcula, V3, is currently being tested by users. Researchers at Netcraft anticipate its release later this month.  

Inside Darcula: How the Scams Operate  

Darcula V2 provided over 200 phishing templates, helping users replicate businesses from more than 100 countries. These templates ranged from global brands like Netflix and Poshmark to regional companies such as Vodafone Qatar and UPS Mexico. Most were designed to imitate delivery services

Graham Edgecombe, director of engineering at Netcraft said that they specialized in SMS scams where victims are told they have a parcel waiting. When they click the link, they are asked to enter their credit card details, often under the claim of an unpaid customs fee. 



The new V3 is far more advanced. Users now only need to enter the URL of any company’s website they want to clone. Darcula then employs a browser automation tool to scrape and extract the webpage’s HTML, images, and style sheets. It generates an identical copy, allowing users to replace specific elements with phishing forms. For example, a user could retain the header and footer of a local coffee shop’s homepage while replacing the main content with a form for collecting personal information, credit card details, or two-factor authentication codes. To make the fake page look authentic, users can also adjust the design and layout of any fields, buttons, or features.

Darcula has introduced a new capability for those wanting to extend their scams beyond the internet. The platform can now generate digital images of stolen credit cards, which can be loaded into mobile wallets.

With a user-friendly dashboard, Darcula makes it easy to track phishing campaigns and analyze key performance metrics. Scammers can activate Telegram alerts for real-time victim notifications. The platform also includes stealth features like IP blocking against cybersecurity firms and user agent restrictions to evade detection. 

(Image Courtesy: Netcraft.com - Darcula-Suite orchestrating a browser to visit any provided URL and extract the assets)

 


 

Recent Articles

04 Mar 2025
Cybersecurity Laws in India: Challenges and Loopholes
28 Feb 2025
Cyber Threat Alert: "ANUBIS" Ransomware Group Actively Targeting Critical Infrastructure
25 Feb 2025
Cyber Threat Alert: 'DARCULA' Phishing Platform Set to Unveil More Advanced Version