This new phishing attack targets iPhone and Android via RCS


A novel phishing service dubbed “Darcula” has been uncovered by researchers at Netcraft, showcasing an innovative approach to targeting iOS and Android users. What sets Darcula apart is its use of the Rich Communication Services (RCS) protocol, which it leverages to reach potential victims through Google Messages and iMessage, departing from the conventional Short Message Service (SMS) used by typical phishing attempts.

The shift to RCS is motivated by two key factors. Firstly, RCS messages present a heightened sense of authenticity, enhancing the credibility of the phishing messages. Secondly, these messages are end-to-end encrypted, so they cannot be intercepted in transit or blocked based solely on message content.

While the exact number of recipients of these phishing messages remains unknown, they have been distributed across more than 100 countries globally. Hackers utilizing the Darcula service have a plethora of options at their disposal, with access to over 200 phishing templates and the ability to impersonate various organizations spanning postal services, financial institutions, government agencies, telecommunications providers, airlines, and utilities.


Upon subscribing to the service, threat actors can choose from a wide array of companies to impersonate and create dedicated phishing websites meticulously crafted to mimic legitimate entities, complete with accurately replicated fonts, logo images, and other elements. Described as “high quality” by researchers, these phishing websites have been used in numerous high-profile phishing attacks over the past year, targeting both Apple and Android device users in various regions.

The Darcula platform boasts an extensive infrastructure, comprising approximately 20,000 domains spread across 11,000 IP addresses. Moreover, it continues to expand rapidly, with over 100 new domains added to its arsenal daily.

As always, the most effective defense against phishing attacks is exercising vigilance and employing common sense. Users should remain cautious of unexpected or suspicious messages, especially those that appear too good to be true. By maintaining a skeptical mindset and scrutinizing incoming communications, individuals can mitigate the risk of falling victim to phishing scams.