New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks

Varonis Threat Labs has discovered a new phishing-as-a-service kit called Bluekit that is making it much easier for cyberattackers to bypass security, even when users have extra protections turned on. This kit is basically like a one-stop shop for hackers, offering over 40 fake website templates that mimic big names like iCloud, Apple ID, Gmail, Outlook, Hotmail, Yahoo, ProtonMail, GitHub, Twitter, Zoho, Zara, and Ledger.

In the past, a hacker had to switch between different services to set up a scam. Bluekit changes all that by offering everything on a single dashboard where threat actors can buy domains, set up fake login pages, and track their victims in real-time.

Bypassing the MFA

The most dangerous part of Bluekit is that it handles security codes using a method called Adversary-in-the-Middle (AiTM). According to Varonis’ experts, when a victim enters their details on a fake Bluekit page, the kit doesn’t just ...