The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities.
“This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a new report shared with The Hacker News.
“The new AI-assisted features amplify Darcula’s threat potential by simplifying the process to build tailored phishing pages with multi-language support and form generation — all without any programming knowledge.”
Darcula was first documented by the cybersecurity company in March 2024 as a toolkit that leveraged Apple iMessage and RCS to send smishing messages to users that trick recipients into clicking on bogus links under the guise of postal services like USPS.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
Source : https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html
The unconfirmed breach allegedly includes email, phone numbers, API and crypto keys, credentials, and billing information, from over 30,000 OmniGPT users.
Popular AI aggregator OmniGPT, which provides access to multiple AI models including ChatGPT-4, Claude 3.5, Gemini, and Midjourney, has allegedly suffered a massive breach, exposing personal data belonging to over 30,000 users.
On Monday, a BreachForums user “Gloomer” reportedly made a post, offering samples of the allegedly stolen data. “This leak contains all messages between the users and the chatbot of this site, as well as all links to the files uploaded by users and also 30k user emails.”
The “God” level BreachForums user, reserved for the top-tier members of the hack site, made the post a little over two weeks after KrakenLabs last reported the breach, attributing it to a BreachForums post made by a user with the same alias, but a different profile avatar.
“Hi, I recently breached OmniGPT.co which is a smaller clone of ChatGPT and extracted all messages between their users and the AI (Over 34 million lines), additionally I also got the emails of 30k users and about 20% of these also come with phone number.” Gloomer had said then.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
