Bluekit Phishing as a Service (PhaaS)
ID: d36c876b-ac88-5431-8347-4398aca37f5e
STIX ID: report--d36c876b-ac88-5431-8347-4398aca37f5e
Feed Name: CloudSEK Blog
This report details the discovery and analysis of BlueKit, a commercially operated Phishing-as-a-Service platform that provides tiered subscriptions, extensive phishing templates (87 kits), automated post-compromise workflows, P2P page rendering to evade detection, smishing capabilities, AI-assisted content generation, and integration with anti-detect browsers; the platform exposes a full database schema and operational IOCs (clearnet domains, Tor service, Cloudflare token), enabling large-scale credential harvesting, session hijacking, account takeover, and high-value cryptocurrency theft.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
