AI‑Enhanced Bluekit Phishing Kit Offers 40 Templates Targeting Email, Cloud, Dev & Crypto Services
What Happened – A new phishing‑as‑a‑service platform called Bluekit was discovered, providing over 40 ready‑made templates for popular email providers, cloud storage, developer platforms and cryptocurrency wallets. The kit bundles an AI Assistant that can draft phishing emails using models such as Llama, GPT‑4.1, Claude, Gemini and DeepSeek.
Why It Matters for TPRM –
- Low‑skill actors can now launch credential‑harvesting campaigns at scale, increasing the likelihood of third‑party credential compromise.
- Integrated domain registration, page hosting and real‑time session monitoring lower the barrier for supply‑chain phishing attacks against vendors.
- AI‑generated drafts reduce the time needed to craft convincing lures, accelerating attack timelines.
Who Is Affected – Organizations that rely on Outlook/Hotmail/Gmail, iCloud, GitHub, Ledger, and similar services across technology, finance, healthcare, retail and education sectors.
Recommended Actions –
- Review phishing‑resilience of any third‑party services that handle employee credentials.
- Enforce MFA and conditional access for all external SaaS accounts.
- Conduct phishing awareness training that includes AI‑generated lure examples.
Technical Notes – Bluekit’s dashboard automates domain purchase, phishing page deployment, anti‑analysis filters (VPN/proxy blocks, headless detection) and exfiltrates harvested data to private Telegram channels. The AI Assistant currently produces skeletal drafts that still require manual refinement. Source: BleepingComputer