Devil-Traff – New Malicious Bulk SMS Portal That Fuels Phishing Attacks

A new threat to cybersecurity has emerged in the form of Devil-Traff, a bulk SMS platform designed to facilitate large-scale phishing campaigns.

Leveraging advanced features such as sender ID spoofing, API integration, and support for malicious content, this platform has become a favorite tool for cybercriminals worldwide.

Phishing attacks often begin with a seemingly legitimate text message. For example:-

“Suspicious activity detected on your account. Click here to secure your account.”

These messages, crafted to appear credible, trick recipients into clicking malicious links or sharing sensitive information.

Security experts at SlashNext noted, with Devil-Traff, attackers can send thousands of such fraudulent messages within minutes, targeting individuals and organizations globally.

How Devil-Traff Fuels Phishing Attacks

The platform’s sender ID customization feature allows attackers to impersonate trusted entities like banks or government agencies.

For instance, a message might appear to come from “PayPal Support,” urging users to click a link to resolve supposed account issues.

Another common tactic involves one-time password (OTP) interception, where attackers pose as service providers to steal OTPs and bypass two-factor authentication (2FA).

Devil-Traff is designed for high-volume messaging and offers several features that make it attractive to cybercriminals:-

• Sender ID Customization: Enables spoofing of trusted organizations.
• API Integration: Automates campaigns, allowing thousands of SMS messages to be sent with minimal effort.
• Macros for Optimization: Improves delivery rates and bypasses spam filters.
• Affordable Pricing: Costs start at just $0.02 per SMS, with a $10 minimum deposit.
• Global Reach: Offers routes across countries like Turkey, Brazil, France, and Australia. Private routes are also available for exclusive campaigns.

The API integration in Devil-Traff allows attackers to automate phishing campaigns using simple HTTP POST requests.

Devil-Traff’s accessibility and affordability have made it a popular topic on cybercrime forums. Users share tips on delivery optimization and even trade phone number databases for targeted campaigns.

To mitigate these risks, it is essential to educate employees about phishing red flags, such as mismatched URLs or urgent requests, and employ advanced threat detection tools to identify and block malicious links in real time.

Additionally, strengthening two-factor authentication by avoiding SMS-based OTPs when possible can further enhance security.

Organizations and individuals must remain vigilant, as even one careless click can compromise sensitive data or entire networks.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Start Now for Free.