Bluekit combines AI and phishing in one attack platform
Updated
Updated · Techzine Europe · May 1
Bluekit combines AI and phishing in one attack platform
8 articles · Updated · Techzine Europe · May 1
Varonis said the tool uses templates impersonating email, cloud, developer and crypto services, while an AI assistant drafts campaign text but still needs human editing.
A single dashboard lets attackers register domains, build phishing pages, manage redirects and login flows, evade detection, and filter VPN, proxy and automated-browser traffic.
Bluekit also tracks victim sessions in real time, exposing cookies and local storage, and reflects a broader shift toward regularly updated, integrated phishing platforms requiring less technical skill.
With Bluekit's AI-driven phishing campaigns bypassing MFA, can current security practices keep organizations and users truly safe?
How might the professionalization of phishing—enabled by tools like Bluekit—reshape the global cybercrime economy by 2026 and beyond?
62% of Phishing Attacks in 2026 Linked to AI-Enhanced Bluekit Platform with Advanced Session Hijacking
Overview
Discovered in early 2026, Bluekit is a sophisticated phishing-as-a-service platform that lowers the technical barrier for cybercriminals by integrating advanced AI models and automation into a single, easy-to-use service. Its AI capabilities enable features like voice cloning, antibot cloaking, and geolocation emulation, while its adversary-in-the-middle attacks bypass multi-factor authentication by hijacking active user sessions. Constantly evolving through active development, Bluekit has quickly become the successor to the earlier Tycoon 2FA kit, driving phishing to become the top initial access vector in 2026. This rise has prompted a shift toward phishing-resistant MFA and AI-powered detection, alongside systemic collaboration and user training, to counter its growing threat.