Bluekit is a new phishing kit offering more than 40 realistic templates targeting services like Gmail, Outlook, iCloud, GitHub, and Ledger, and it unifies domain registration, phishing page setup, campaign management, and real-time victim monitoring. Its AI Assistant supports multiple models (Llama, GPT-4.1, Claude, Gemini, DeepSeek) to draft phishing campaigns, but Varonis found the outputs were placeholder-heavy and experimental, highlighting a growing trend of AI-enabled cybercrime alongside tools like ATHR. #Bluekit #Varonis
Keypoints
- Bluekit provides over 40 templates targeting email, cloud, developer, and cryptocurrency services.
- An AI Assistant panel supports multiple models to help generate phishing campaign drafts.
- Varonis analysis showed the AI outputs contained placeholders and required cleanup, indicating early-stage features.
- The platform integrates domain purchase, phishing page setup, campaign configuration, and real-time victim session monitoring.
- Operators can tune anti-analysis filters and exfiltrate stolen data via Telegram channels for post-capture monitoring.