| SYMBOL | COMMON_NAME | aka. SYNONYMS |
XinXin is a Chinese-speaking threat actor known for its phishing-as-a-service platform, Lucid, which targets global organizations to steal credit card details and personally identifiable information through smishing campaigns. The group employs advanced techniques such as exploiting Rich Communication Services and Apple's iMessage protocol to bypass traditional SMS filters. XinXin also develops and utilizes other phishing kits like Lighthouse and Darcula, facilitating large-scale phishing operations with automated tools and evasion techniques. The group operates a structured hierarchy and monetizes stolen data while actively supporting the development of similar PhaaS services.
There are currently no families associated with this actor.
| 2025-03-24
⋅
PRODAFT
⋅
Lucid XinXin |