Overview

• An international phishing network, active in 130 countries and involving 600 members, has been exposed for stealing credit card data via fake SMS package-delivery notifications.
• The operation uses an AI-powered toolkit called 'Magic Cat,' developed by a 24-year-old Chinese programmer known as 'Darcula,' to create realistic fake websites of over 300 companies.
• Between late 2023 and mid-2024, phishing links were clicked 13 million times globally, resulting in nearly 900,000 victims, including 20,000 in Germany.
• The phishing software allows attackers to monitor victims' data entry in real time, enabling them to store deleted inputs and load stolen cards into digital wallets without requiring PINs.
• Despite being aware of the network since October 2024, the German Federal Criminal Police Office (BKA) has not launched investigations, citing challenges in international policing cooperation.