If you, like almost anyone else with a mobile phone in the US and beyond, have received a fraud text message about a non -paid tax or non -handed mail item, there is a good chance that you have targeted from a productive fraud firm.
Fraud is not particularly complicated, but it was extremely effective. By sending adverse messages that look like genuine notifications of popular services, from postal traditions to local government programs, unsuspecting victims click on a link that loads an online “fishing” page, imports their credit card information and information.
During a seven -month period in 2024, fraud won at least 884,000 stolen credit card details, allowing scammers to redeem their victims’ accounts. Some victims lost thousands of dollars in fraud, the researchers say.
However, a series of OPSEC errors eventually led to security researchers and research journalists to the actual identity of the scam manufacturer, Magic Cat, said by researchers who say Darcula handle.
As revealed by security company with an imported Oslo Mnemonic and Mentioned in parallel by Norwegian media Earlier this year, behind the fluffy cute cat in the photos of Darcula’s profile is a 24 -year -old Chinese national called Yucheng C.
Researchers say Yucheng C. is developing Magic Cat for hundreds of customers who use software to launch their own SMS text messages on their victims.
Shortly after the revelation, Darcula has destroyed and his business has not seen any updates since then, leaving his clients in Lurch. But in its passage, a new business has emerged and has already overcome its predecessor.
Researchers are now listening to the alarm in the new Magic Mouse fraud, which has been increased by Magic Cat ashes.
Prior to the exchange of new findings at the Def Con security conference in Las Vegas on Friday, Harrison Sand, an aggressive security adviser at Mnemonic, told TechCrunch that the Magic Mouse has grown popularity since the collapse of Darcula’s magic cat.
Sand also warned of the growing ability of the business to steal people’s credit cards on a huge scale.
During their research, Mnemonic found photos from the interior of the business published on a telegram channel given by Darcula, showing a series of credit card and video payments showing shelves with dozens of phones used to automate messages.
Scammers use card details in mobile wallets on phones and conduct payment fraud, washing their funds in other bank accounts. Some of the phones had mobile wallets that overflow with other people’s stolen cards, ready to use for mobile transactions.
Sand told TechCrunch that the Magic Mouse is already responsible for theft of at least 650,000 credit cards per month.
While evidence shows that the Magic Mouse is a completely new feature, coded by new developers and probably irrelevant to Darcula, much of Magic Mouse’s success comes from the new pilots who steal the phishing kits that made the software of its predecessor so popular. Sand said these kits contain hundreds of electronic fishing sites that the magic cat is used to mimic the legal websites of large technological giants, popular consumer services and delivery companies, were all designed to deceive the victims to deliver their credit card details.
But despite the productive nature of Magic Cat and now, the Magic Mouse and their ability to clean millions of dollars in stolen funds by consumers, Sand told TechCrunch in a call that law enforcement does not consider beyond a few scattered fraud reports or the wider business behind the plan.
Instead, Sand said, it is technology companies and financial giants who benefit from responsibility to allow these frauds to exist and thrive and not make more difficult for scammers to use stolen cards.
As for anyone who receives a suspicious text, violating an unwanted message can be the best policy.
