This month focuses on the FBI-led ‘Operation Artemis’, the Phishing-as-a-Service Toolkit Dracula getting an AI Upgrade, Google including new security features for their browser, and WhatsApp introducing a new security feature for chats.

FBI’s ‘Operation Red Card’ Targets Financially Motivated Sextortion Schemes

The FBI, with partners from Canada, Australia, Nigeria, and the UK, conducted Operation Artemis, arresting 22 Nigerian suspects involved in financially motivated sextortion schemes.

Summary

• About half of the arrested suspects were directly linked to victims who died by suicide due to sextortion, highlighting the deadly consequences of these crimes.
• The operation aims to combat child exploitation and bring perpetrators who hide behind screens to justice through global cooperation.
• The FBI reported a 30% increase in sextortion tips from October 2024 to March 2025, and 54,000 victims were recorded in 2024, up from 34,000 in 2023.
• Victims suffered nearly $65 million in financial losses from sextortion over the past two years, as cases targeting young males aged 14–17 sharply increased.
• The FBI’s Child Exploitation Operational Unit (CEOU) helped identify nearly 3,000 sextortion victims, with many perpetrators traced to Nigeria, expanding the investigation internationally.
• Three Nigerian suspects have already been extradited to the U.S. to face charges, including cases linked to the deaths of teenagers in South Carolina and Pennsylvania.
• Suspects posed as peers or romantic interests on social media platforms, coercing victims into sending compromising images, then blackmailing them for money through gift cards, mobile payments, wire transfers, or cryptocurrency.
• Even after receiving payments, perpetrators often continued to threaten and manipulate victims, worsening feelings of shame, isolation, and guilt.
• Operation Artemis involved multiple FBI units, Legal Attaché offices in Abuja and Lagos, and support from various FBI field offices and the Department of Justice’s Child Exploitation and Obscenities Section to ensure suspects face justice.
• Read more about it here.

Dracula Phishing-as-a-Service Gets An AI Upgrade

Darcula, a Chinese-language phishing-as-a-service (PhaaS) platform, has integrated generative AI to make smishing attacks even more powerful and widespread.

Summary

• Researchers at Netcraft, who have tracked Darcula for a year, warn that phishing domains linked to the platform (already 20,000+ in March 2024) are set to grow significantly with the new AI tools.
• With the new AI-enhanced interface, novice hackers can easily launch customized phishing campaigns by simply signing up and inputting a legitimate brand site.
• Before AI, Darcula offered 200+ customizable templates across 100 countries; now, users can create unlimited templates, expanding attack possibilities dramatically.
• With AI, attackers can now target niche and regional brands that were previously ignored, making phishing campaigns more varied and harder to predict.
• AI-driven customization renders traditional signature-based detection methods less effective, pushing organizations to adopt dynamic, behavior-based security approaches.
• Darcula’s AI can generate phishing forms in any language, customize fields, and translate phishing pages instantly, further broadening its global reach.
• Demonstrations showed attackers cloning major brand websites (e.g., Google), modifying forms in minutes, and switching languages effortlessly, reducing setup time for phishing attacks.
• Darcula operates like a legitimate SaaS company, using modern tech like JavaScript frameworks, Docker, and Harbor, and distributes malware via RCS, iMessage, and SMS.
• Because Darcula bypasses many traditional telecom safeguards, end users must stay alert, especially when receiving unexpected RCS or iMessage communications from unknown sources.
• Read more about Dracula here
• Read more about the new AI upgrade here.

Google Releases New Security Updates in Chrome

Google announced it will not introduce a new standalone prompt for third-party cookies in Chrome, maintaining its current method through the Privacy and Security Settings menu.

Summary

•  In July 2024, Google had said it would replace third-party cookie deprecation with a new user experience, but that plan has now been dropped.
• Feedback from publishers, developers, regulators, and advertisers revealed divergent perspectives, influencing Google’s decision to pause broader changes to third-party cookie handling.
• Chrome’s Incognito mode will maintain its default blocking of third-party cookies, and Google plans to further enhance privacy features within this mode.
• A new IP Protection tool is set for release in Q3 2025, designed to mask users’ IP addresses in third-party contexts during Incognito browsing to prevent cross-site tracking.
• Google’s Privacy Sandbox technologies will have an adjusted role in the ecosystem, with Google pledging to gather feedback and update the roadmap for these APIs.
• The IP Protection feature is already available as an open-source project, allowing public review and potential collaboration.
• Google’s decisions come amid intense antitrust scrutiny in the U.S., including recent rulings accusing it of monopolistic practices in search and advertising.
• It is important to note that Apple Safari and Mozilla Firefox have blocked third-party cookies by default since 2020, but Google faces more challenges because of its dual roles in advertising and browser development.
• Read more about it here

WhatsApp Releases New Security Feature For Chats

WhatsApp introduced Advanced Chat Privacy, allowing users to block exporting chats, prevent auto-downloading media, and restrict AI usage on messages for added privacy.

Summary

• While the feature blocks many forms of sharing, individual screenshots and manual media downloads are still possible.
• WhatsApp recommends using this feature during sensitive conversations, especially in groups with unknown participants.
• The feature is optional and is rolling out to all users who update to the latest version of the WhatsApp app.
• Read more about it here

Sources

• https://africa.businessinsider.com/local/lifestyle/fbi-led-operation-artemis-arrests-22-nigerians-over-dollar65-million-sextortion-scam/zrwdxs3
• https://www.darkreading.com/endpoint-security/-darcula-phishing-as-a-service-operation-bleeds-victims-worldwide
• https://www.darkreading.com/threat-intelligence/darcula-phishing-kit-impersonate-brand
• https://thehackernews.com/2025/04/google-drops-cookie-prompt-in-chrome.html
• https://blog.whatsapp.com/introducing-advanced-chat-privacy