Like others who have a mobile phone in the US and later, if you receive fraudulent text messages about email items with no unpaid tolls or withdrawals, you could have been targeted for prolific fraudulent operations.
The fraud was not particularly complicated, but it was very effective. From mail delivery to local government programs, by sending spam text messages that look like authentic notifications for popular services, unsuspecting victims click on the link loading the phishing page, enter their credit card details, and the information is swiped to use for fraud.
During the seven months of 2024, the scam had acquired at least 884,000 stolen credit card details, allowing scammers to cash into the victim’s accounts. Some victims lost thousands of dollars in fraud, researchers say.
However, a series of OPSEC mistakes have ultimately led security researchers and investigative journalists to the real-world identity of Magic Cat, the maker of fraud software.
As revealed by Mnemonic, a security company based in Oslo, and as Norwegian media reported earlier this year in tandem, the fluffy, cute cat in Dacula’s profile picture is a 24-year-old Chinese national named Yucheng C.
Researchers say Yucheng C. will develop magic cats for hundreds of customers and launch its own SMS text messaging fraud campaign for victims using software.
Shortly after he was not masked, Dacula darkened, and his fraud surgeries had not been updated since then, leaving his clients in a hurry. However, the result has been new manipulation, already far surpassing its predecessor.
Researchers are currently alarming the new fraudulent manipulation, the magic mouse. Rised from the ashes of the Magic Cat.
Before sharing new findings at the DEF Con security conference in Las Vegas on Friday, Mnemonic offensive security consultant Harrison Sand told TechCrunch that Magic Mouse has been surged from the end of Darcula’s Magic Cat.
Sand also warned of an increased ability to steal people’s credit cards on a massive scale.
During the investigation, Mnemonic found photos from inside operations posted to a telegram channel managed by Darcula, showing a lineup of videos showing a rack where dozens of phones were used to automate the transmission of credit card payment devices and videos.
Scammers use mobile wallet card details on the phone, conduct payment scams and wash funds into other bank accounts. Some phones were overflowing with mobile wallets with stolen cards from others ready to use for mobile transactions.
Sand told TechCrunch that Magic Mouse is already in charge of theft of at least 650,000 credit cards a month.
The evidence suggests that Magic Mouse is a whole new operation coded by a new developer and likely has nothing to do with Darcula, but much of Magic Mouse’s success comes from a new operator stealing phishing kits that made its predecessor’s software so popular. Sand says these kits include hundreds of phishing sites that Magic Cat has been used to mimic legitimate web pages from leading tech giants, popular consumer services and delivery companies, all designed to trick victims into handing over credit card details.
But despite the prolific nature of magical cats and now magical mice and their ability to win millions of dollars with funds stolen from consumers, Sand is calling on TechCrunch that law enforcement hasn’t surpassed the wider operations behind several scattered reports and schemes of fraud.
Instead, Sand said it is the tech companies and finance giants that allow these scams to exist and thrive, and that don’t make it even more difficult for scammers to use stolen cards.
Anyone who receives suspicious texts may be the best policy to ignore unnecessary messages.
