"Dubbed Bluekit, it has been advertised as offering over 40 website templates, support for two-factor authentication, geolocation emulation, antibot cloaking, notifications, spoofing capabilities, voice cloning, and a mail sender."
"The phishing kit uses Telegram as the default exfiltration channel, allowing operators to buy or connect domains from the same interface used to manage phishing pages and captured logs."
"In addition to supporting session state tracking, Bluekit stores cookies and local storage dumps and provides a live view of logged-in session data, as it handles more than just credential grab."
"The kit's AI Assistant has its own panel and exposes multiple model options, likely accessible through jailbroken or permissive instances, delivering a structured campaign draft with placeholders."
Bluekit is a newly discovered phishing kit that offers a wide range of features, including an AI assistant and automated domain registration. It provides over 40 website templates and supports two-factor authentication, geolocation emulation, and antibot cloaking. The kit includes templates for various services such as email, cloud, cryptocurrency, and social media platforms. Bluekit's control panel allows operators to manage domains and phishing pages seamlessly. It also supports session state tracking and provides a live view of logged-in session data. Rapid updates are being released, but it has not yet been used in live campaigns.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]