Google has filed a lawsuit against a Chinese-speaking cybercriminal group accused of orchestrating a large-scale wave of scam text messages targeting Americans this year.
According to the legal complaint filed on Tuesday (Dec 19), the group known as Darcula develops and sells phishing software that enables scammers to send mass text messages impersonating trusted organisations such as the Internal Revenue Service (IRS), the U.S. Postal Service, and toll service providers.
Google said the lawsuit seeks legal authorisation from U.S. courts to seize and shut down websites and infrastructure used by the group, disrupting its scam operations.
The company described Darcula as a key player in a growing underground cybercrime ecosystem that supplies tools to aspiring scammers with little technical expertise.
Darcula’s flagship software, known as Magic Cat, allows users to rapidly send millions of phishing messages containing links to fake websites designed to steal victims’ credit card and personal information.
The program has reportedly been used in scams involving false claims of unpaid E-ZPass tolls and fake subscription services.
The complaint requests a temporary restraining order that would allow Google to take control of Darcula’s web infrastructure.
While the identities of most group members remain unknown, the lawsuit names an alleged leader, Yucheng Chang, whom Google believes resides in China, along with 24 unnamed associates believed to be operating in China or other foreign countries.
Google noted that cybercrime groups targeting Americans often operate in jurisdictions with limited cooperation with U.S. law enforcement, prompting technology companies to increasingly use civil lawsuits as a tool to dismantle criminal networks. Source: NBC News
HackWarn Analysis
Why this case matters
Darcula represents a new generation of cybercrime groups that sell ready-made scam tools, allowing anyone to become a scammer without advanced hacking skills. This dramatically increases the scale and speed of scam campaigns worldwide.
Key risks to the public
- Mass scam texts impersonating trusted institutions
- Fake payment demands (tolls, taxes, subscriptions)
- Stolen credit card and personal data
- Scams spreading faster than law enforcement can respond
Why Google took legal action
Traditional law enforcement faces challenges when scammers operate overseas. By using civil lawsuits, tech companies can legally seize scam infrastructure, block phishing websites, and cut off access to tools used by criminals.
What users should do
- Never click links in unsolicited SMS messages
- Verify payment claims directly with official websites or apps
- Avoid entering card details through links sent by text
- Report scam messages to telecom providers and authorities
