New AI-Enhanced Phishing Kit Bluekit Raises Cybersecurity Concerns
A new phishing kit named Bluekit has been identified, offering a range of sophisticated capabilities, including an AI assistant and automated domain registration. According to Varonis, Bluekit provides over 40 website templates and supports two-factor authentication, geolocation emulation, and antibot cloaking. It targets various platforms such as Apple ID, iCloud, GitHub, and Gmail. The kit's control panel allows operators to manage phishing pages and captured logs, using Telegram as the default exfiltration channel. Bluekit's AI Assistant can draft structured campaign templates, although it has not yet been used in live campaigns. The kit is still in development, with its developer releasing updates rapidly. 
