Google Sues Chinese Cybercrime Group Over Phishing Scheme
Google is suing a Chinese-speaking cybercrime group, Darcula, for allegedly orchestrating a large-scale phishing text message scam targeting Americans.
Google has filed a lawsuit against a Chinese-speaking cybercriminal organization believed to be behind a massive wave of fraudulent text messages targeting people in the United States. The legal action, initiated on Tuesday, targets a group known as Darcula.
Darcula allegedly markets software that enables its users to send out phishing texts on a large scale. These messages often impersonate legitimate entities, such as the IRS or the U.S. Postal Service, in an attempt to defraud recipients.
According to a Google spokesperson, the lawsuit aims to provide the company with the legal standing necessary to seize control of the group's websites through U.S. court orders, thereby disrupting their criminal activities.
Darcula is considered a key player in a growing cybercrime network where hacking tools are created and sold to individuals seeking to carry out scams. Its primary tool, called Magic Cat, offers an accessible way for criminals, even those without advanced technical skills, to send spam texts to millions of phone numbers. These texts contain links to fake websites that mimic services like YouTube Premium. The goal is to trick victims into entering their credit card information, which is then stolen.
Google's legal complaint requests a temporary restraining order against Darcula's web infrastructure. This would allow Google to take legal control and shut it down.
The identities of Darcula's members, who primarily operate using simplified Chinese, are largely unknown. The lawsuit names Yucheng Chang as a leader, but he could not be reached for comment. In addition, the complaint lists 24 other defendants whose identities are currently unknown to Google.
Google believes Chang is based in China, while other members of the group are located in China or other countries.
Because cybercrime networks targeting Americans often operate from countries with limited cooperation with U.S. law enforcement, it is difficult for the U.S. to shut them down. This has led tech companies like Google and Microsoft to use the court system to seize websites used in criminal hacking operations.
NBC News reported earlier this year that Darcula showcased its software's capabilities in videos posted on its Telegram channel, demonstrating how it could be used to send numerous texts to Americans falsely claiming they owed money for unpaid E-ZPass tolls. The Telegram channel is no longer active, and the group could not be reached for comment.
Cassandra Knight, Google’s Vice President of Litigation, stated that the legal action is intended to shut down the infrastructure of a massive scam operation responsible for an estimated 80% of all phishing texts sent earlier in the year. She added, "Our message to scammers is clear: We will use our technical and legal resources to protect our users and hold you accountable."
An investigation by Norwegian National Broadcasting (NRK) analyzed records on Magic Cat obtained by cybersecurity researchers and found that over 600 individuals were involved in operating the scams.
NRK's investigation revealed that while Magic Cat allows users to impersonate a wide range of Western companies and governments, it does not offer the option to impersonate Chinese entities.
Google estimates that Darcula and its associates have stolen nearly 900,000 credit card numbers, with approximately 40,000 belonging to Americans. Between September and November, Google received over 5,000 complaints from users of Google Messages, the default text messaging app on Google Pixel phones, regarding scam texts from Darcula.