New SMS Scam Outpaces Predecessor, Stealing Hundreds of Thousands of Credit Cards Monthly

Hustler Words – A massive SMS scam operation, dubbed "Magic Mouse," has emerged, eclipsing its predecessor, "Magic Cat," in scale and efficiency. Following the unmasking of Magic Cat’s creator, a 24-year-old Chinese national known as "Darcula," a new wave of fraudulent activity has flooded the market. This new operation, detailed by Oslo-based security firm Mnemonic and reported on hustlerwords.com, is already stealing an estimated 650,000 credit cards per month.

The Magic Cat operation, active for seven months in 2024, netted at least 884,000 stolen credit cards. Its success stemmed from cleverly designed phishing text messages mimicking legitimate notifications from delivery services and government agencies. Victims who clicked malicious links were directed to fake websites, where they unknowingly surrendered their credit card information.

Mnemonic’s investigation revealed that Darcula provided his scam software to hundreds of customers. Images obtained from a Telegram channel Darcula administered showcased the operation’s scale, including rows of credit card payment terminals and racks of phones used for mass text message distribution.

While Magic Mouse appears to be a completely separate operation, its rapid success is attributed to the theft of phishing kits from Magic Cat. These kits, containing hundreds of websites designed to mimic legitimate services, provide a ready-made infrastructure for new scammers.

Harrison Sand, an offensive security consultant at Mnemonic, expressed concern about the lack of significant law enforcement response. He argues that tech companies and financial institutions bear a significant responsibility for enabling these scams by not implementing stronger protections against stolen card usage.

Sand’s findings will be presented at the Def Con security conference in Las Vegas. The sheer volume of credit card theft highlights the urgent need for improved security measures and increased awareness among consumers. Ignoring suspicious text messages remains the best defense against falling victim to these sophisticated scams.