Lucid, a new phishing-as-a-service (PhaaS) platform, has emerged, targeting 169 entities across 88 countries through smishing messages sent via Apple iMessage and Android's RCS. Unlike traditional SMS, these platforms enable cybercriminals to bypass detection mechanisms. Developed by a Chinese-speaking group known as the XinXin group, Lucid facilitates widespread phishing campaigns aimed at stealing credit card details and personal information. This underground economy, also tied to other platforms such as Lighthouse and Darcula, utilizes tools like Telegram for subscriptions, showing the evolving nature of phishing threats.
PhaaS platforms like Lucid leverage legitimate messaging apps such as iMessage and RCS, enhancing delivery success rates while evading traditional SMS-based detection systems.
The scalable model of Lucid allows cybercriminals to administer extensive phishing operations, targeting sensitive data like credit card information and personal identifiers from users globally.
Collection
[
|
...
]