New Bluekit Phishing Kit Features AI Assistant

The kit’s AI Assistant has its own panel and exposes multiple model options, likely accessible through jailbroken or permissive instances. When tested, the assistant delivered a structured campaign draft with placeholders rather than ready-to-use content.According to Varonis, Bluekit’s developer is releasing feature and template updates at a rapid pace, but the phishing kit has not yet been used in a live campaign.“Compared with similar phishing kits that have already advanced further into automation and operator convenience, Bluekit still appears to be a kit in active development. The feature set keeps evolving as we track it, and if that pace continues with broader adoption, Bluekit is likely to surface in future campaigns,” Varonis says.Related:Tycoon 2FA Loses Phishing Kit Crown Amid Surge in AttacksRelated:Germany Suspects Russia Is Behind Signal Phishing That Targeted Top OfficialsRelated:Internet Infrastructure TLD .arpa Abused in Phishing AttacksRelated:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

According to Varonis, Bluekit’s developer is releasing feature and template updates at a rapid pace, but the phishing kit has not yet been used in a live campaign.“Compared with similar phishing kits that have already advanced further into automation and operator convenience, Bluekit still appears to be a kit in active development. The feature set keeps evolving as we track it, and if that pace continues with broader adoption, Bluekit is likely to surface in future campaigns,” Varonis says.Related:Tycoon 2FA Loses Phishing Kit Crown Amid Surge in AttacksRelated:Germany Suspects Russia Is Behind Signal Phishing That Targeted Top OfficialsRelated:Internet Infrastructure TLD .arpa Abused in Phishing AttacksRelated:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

“Compared with similar phishing kits that have already advanced further into automation and operator convenience, Bluekit still appears to be a kit in active development. The feature set keeps evolving as we track it, and if that pace continues with broader adoption, Bluekit is likely to surface in future campaigns,” Varonis says.Related:Tycoon 2FA Loses Phishing Kit Crown Amid Surge in AttacksRelated:Germany Suspects Russia Is Behind Signal Phishing That Targeted Top OfficialsRelated:Internet Infrastructure TLD .arpa Abused in Phishing AttacksRelated:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

Related:Tycoon 2FA Loses Phishing Kit Crown Amid Surge in AttacksRelated:Germany Suspects Russia Is Behind Signal Phishing That Targeted Top OfficialsRelated:Internet Infrastructure TLD .arpa Abused in Phishing AttacksRelated:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

Related:Germany Suspects Russia Is Behind Signal Phishing That Targeted Top OfficialsRelated:Internet Infrastructure TLD .arpa Abused in Phishing AttacksRelated:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

Related:Internet Infrastructure TLD .arpa Abused in Phishing AttacksRelated:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

Related:Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

Ionut Arghire is an international correspondent for SecurityWeek.

With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment.

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Source: SecurityWeek