Cybersecurity researchers have uncovered four new sophisticated phishing kits—BlackForce, GhostFrame, InboxPrime AI, and Spiderman—that enable large-scale credential theft and mimic legitimate websites. These kits use advanced evasion, automation, and targeting techniques to bypass security measures and target various sectors, including banking and corporate accounts. #BlackForce #GhostFrame
Keypoints
- BlackForce is designed to steal credentials and bypass multi-factor authentication using Man-in-the-Browser attacks.
- GhostFrame employs iframe architecture and anti-debugging to mask its malicious phishing pages and evade detection.
- InboxPrime AI uses artificial intelligence to automate mass phishing email campaigns with realistic messaging.
- Spiderman specializes in creating realistic replicas of European bank login pages and intercepts various financial credentials.
- Hybrid attacks combining Salty and Tycoon 2FA kits indicate evolving tactics to bypass detection and attribution efforts.
Read More: https://thehackernews.com/2025/12/new-advanced-phishing-kits-use-ai-and.html