Inside the UPMI Phishing-as-a-Service Platform

Ctrl-Alt-Intel recovered and analysed the complete source code of "UPMI ULTIMATE", an AI-assisted Phishing-as-a-Service platform that automates reconnaissance, multi-method email delivery (Direct MX / Office365 relay / Microsoft Graph), encrypted LinkShield redirects with CAPTCHA gating, and Evilginx reverse proxies that capture credentials and live session tokens to bypass MFA; the exposed master server revealed licensing, collective intelligence, operator dashboard controls, and numerous IOCs tied to active deployments.