The Bluekit Phishing Service's Real Threat: AiTM as a Service
The Bluekit phishing service isn't just another phishing kit; it's a full-stack PhaaS platform. It brings together all the tools an attacker needs, from buying domains to setting up phishing pages and managing campaigns, all in one place. The platform boasts over 40 templates, mimicking popular services such as Outlook, Hotmail, Gmail, Yahoo, ProtonMail, iCloud, GitHub, Ledger, Apple ID, Twitter, Zoho, and Zara, significantly broadening its potential target base. While a wide array of templates is concerning, Bluekit's true danger lies elsewhere.
The integrated AI assistant, which supports models like Llama, GPT-4.1, Claude, Gemini, and DeepSeek, remains in an experimental phase, according to Varonis analysis. It generates campaign skeletons, placeholder content, and generic link fields. It's more of a basic draft generator than a truly sophisticated, dynamic phishing engine. Despite its assistance in initial setup, the AI isn't what makes Bluekit truly dangerous.
The actual risk stems from Bluekit's capability to steal active sessions. This goes beyond simply stealing credentials. Attackers position themselves in the middle of a legitimate login flow, intercepting session cookies and local storage data *after* a user has successfully authenticated, even with multi-factor authentication (MFA) enabled.
The attack chain typically unfolds in these steps:
- First, the attacker uses Bluekit's templates and campaign management tools to dispatch a phishing email. While the AI assistant might draft initial text, human refinement is usually needed.
- When the victim clicks the link, they land on a Bluekit-hosted phishing page. This page acts as a reverse proxy, forwarding the victim's login attempts to the legitimate service.
- The victim then enters their credentials and completes any MFA challenge, leading to successful authentication by the legitimate service.
- As the legitimate service returns authenticated session cookies and other session state data, the Bluekit phishing service intercepts these elements. It doesn't just record credentials; it seizes the active session itself.
- This stolen session data, including cookies and local storage, is then exfiltrated via Telegram private channels. The Bluekit phishing service also provides real-time victim session monitoring, allowing attackers to observe the session in progress.
This mechanism renders traditional MFA, such as SMS codes or time-based one-time passwords (TOTP) from authenticator apps, ineffective against session hijacking. The attacker does not attempt to guess an MFA code; they wait for the user to complete authentication, then steal the active session immediately afterward. This technique directly mirrors MITRE ATT&CK's T1539 for stealing web session cookies and T1550.002 for spearphishing links.
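Because the session is stolen after MFA completes, the detectable artifact is an established session suddenly being used from a client other than the one that passed MFA. The following is an added example, not code from the article or from any vendor product; the log field names, user names and IP addresses are constructed for illustration.

```python
"""Detect post-MFA session replay from sign-in/activity logs.
Added example (not from the article): the AiTM tell is an established
session suddenly used from a different client than the one that passed MFA.
Field names and sample events are constructed."""
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample: alice passes MFA, then her session id reappears from a
# new IP *and* user agent within minutes; bob's session stays on one client.
SAMPLE_EVENTS = [
    {"ts": "2024-05-01T09:00:00", "user": "alice", "session": "s1",
     "event": "mfa_success", "ip": "203.0.113.10", "ua": "Firefox/125 Windows"},
    {"ts": "2024-05-01T09:01:00", "user": "alice", "session": "s1",
     "event": "request", "ip": "203.0.113.10", "ua": "Firefox/125 Windows"},
    {"ts": "2024-05-01T09:04:30", "user": "alice", "session": "s1",
     "event": "request", "ip": "198.51.100.77", "ua": "Chrome/124 Linux"},
    {"ts": "2024-05-01T09:10:00", "user": "bob", "session": "s2",
     "event": "mfa_success", "ip": "192.0.2.5", "ua": "Safari/17 macOS"},
    {"ts": "2024-05-01T09:12:00", "user": "bob", "session": "s2",
     "event": "request", "ip": "192.0.2.5", "ua": "Safari/17 macOS"},
]

def find_session_replays(events: List[Dict], window_minutes: int = 30) -> List[Dict]:
    """Alert when a session is used from a new IP and new user agent within
    `window_minutes` of the MFA event that established it. Requiring both to
    change keeps ordinary roaming (same browser, new IP) out of the alerts."""
    origin: Dict[str, Dict] = {}  # session id -> client that completed MFA
    alerts: List[Dict] = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        sid = ev["session"]
        if ev["event"] == "mfa_success":
            origin[sid] = ev
            continue
        auth = origin.get(sid)
        if auth is None:
            continue  # no MFA event seen for this session; nothing to compare
        elapsed = datetime.fromisoformat(ev["ts"]) - datetime.fromisoformat(auth["ts"])
        client_changed = ev["ip"] != auth["ip"] and ev["ua"] != auth["ua"]
        if client_changed and elapsed <= timedelta(minutes=window_minutes):
            alerts.append({"user": ev["user"], "session": sid,
                           "auth_ip": auth["ip"], "replay_ip": ev["ip"],
                           "minutes_after_mfa": int(elapsed.total_seconds() // 60)})
    return alerts

if __name__ == "__main__":
    for alert in find_session_replays(SAMPLE_EVENTS):
        print("ALERT possible session hijack:", alert)
```

In production the same logic runs over identity-provider sign-in and non-interactive activity logs, and the alert should feed a session-revocation playbook rather than just a ticket.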
Why Current Defenses Are Inadequate
Bluekit's operational impact is stark: an attacker gaining this access can forge tokens for any tenant in a compromised environment. The kit's configurable features, including redirects, anti-analysis mechanisms, and granular security options to block VPN/proxy traffic or headless user agents, complicate detection, as its design prioritizes evasion.
For years, the industry has advocated for MFA as the primary defense layer. However, AiTM attacks, now readily available through platforms like the Bluekit phishing service, fundamentally alter this security posture. If an attacker can steal a session *after* successful authentication, MFA has performed its function, yet the attacker still gains unauthorized access.
The 2022 Lapsus$ attacks against Okta and Microsoft, in which session cookies were exfiltrated post-MFA and led to significant breaches, are a stark reminder of this danger (see Microsoft's analysis of Lapsus$).
This is not a hypothetical scenario. The Bluekit phishing service is under active development, receiving frequent updates. It democratizes advanced phishing techniques, lowering the technical barrier for sophisticated cybercrime. Its target scope is broad, encompassing critical services from email to financial and developer platforms, reflecting a shift in the threat landscape where session hijacking is increasingly common, as observed in recent reports like CISA's AA23-001A on Phishing and Credential Theft and Microsoft's guidance on AiTM phishing attacks.
Adapting Defense Strategies
We need to fundamentally re-evaluate our defense strategies. Sole reliance on traditional MFA and basic security awareness training is no longer sufficient against AiTM threats.
The next logical step involves implementing hardware-backed security. FIDO2 security keys and Passkeys are inherently phishing-resistant. They cryptographically bind the authentication request to the legitimate site's origin, preventing AiTM attacks because the security key cannot be tricked into authenticating to a proxy domain. Organizations not actively deploying FIDO2 or Passkeys are operating with a known vulnerability against these attack vectors. Microsoft's push for passwordless authentication via Passkeys in Azure AD, as detailed in their recent announcements, is a clear indicator of this direction.
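The origin binding that makes FIDO2 and Passkeys phishing-resistant is enforced on the relying-party side in a few explicit checks. The block below is an added example, not the article's or any FIDO library's code; it models the browser and authenticator with small helpers, and `RP_ID`, `EXPECTED_ORIGIN` and the proxy hostname are constructed. Signature verification, which would follow these checks, is left out.

```python
"""Relying-party origin check for a WebAuthn (FIDO2/passkey) assertion.
Added example, not from the article or any FIDO library: the browser writes
the real origin into clientDataJSON and the authenticator hashes the RP ID
into authenticatorData, so an assertion minted on a proxy domain fails here.
RP_ID, EXPECTED_ORIGIN and all values are constructed."""
import base64
import hashlib
import json
from typing import Tuple

RP_ID = "example.com"                      # constructed relying party
EXPECTED_ORIGIN = "https://login.example.com"

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def make_client_data(origin: str, challenge: bytes) -> str:
    """Simulates what the browser builds for navigator.credentials.get()."""
    data = {"type": "webauthn.get", "challenge": b64url_encode(challenge), "origin": origin}
    return b64url_encode(json.dumps(data).encode())

def make_authenticator_data(rp_id: str) -> bytes:
    """First 32 bytes are SHA-256(rpId); flags 0x05 = UP|UV; 4-byte counter."""
    return hashlib.sha256(rp_id.encode()).digest() + b"\x05" + (1).to_bytes(4, "big")

def verify_binding(client_data_b64: str, auth_data: bytes, expected_challenge: bytes) -> Tuple[bool, str]:
    """Checks the RP performs before it even looks at the signature."""
    cd = json.loads(b64url_decode(client_data_b64))
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if b64url_decode(cd.get("challenge", "")) != expected_challenge:
        return False, "challenge mismatch (replay)"
    if cd.get("origin") != EXPECTED_ORIGIN:
        return False, f"origin mismatch: {cd.get('origin')}"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return False, "user presence flag not set"
    return True, "bound to expected origin and RP ID"  # signature check would follow

if __name__ == "__main__":
    chal = b"constructed-challenge-0123456789"
    ok = verify_binding(make_client_data(EXPECTED_ORIGIN, chal), make_authenticator_data(RP_ID), chal)
    proxied = verify_binding(make_client_data("https://login-example.phish", chal), make_authenticator_data(RP_ID), chal)
    print(ok, proxied)
```

A proxy sitting between the user and the real site cannot change the origin the browser records, so the assertion it collects is rejected before any session is issued.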
Another layer of defense comes from strengthening device compliance and conditional access policies. Enforcing checks for managed devices, health status, and patch levels is critical. Conditional Access policies, such as those in Microsoft Entra ID, should then use these signals to assess session trustworthiness. A session originating from an unmanaged device or an anomalous location should trigger re-authentication or block access entirely, mitigating risks associated with compromised sessions even if credentials were stolen.
Traditional security awareness training might not stop AiTM, but teaching users *how* these attacks work is still crucial. Explain that even after completing MFA, a malicious site can still hijack their session. Train users to meticulously scrutinize URLs, identify certificate anomalies, and report any suspicious activity. This requires a more nuanced message but is vital for cultivating a resilient security culture.
Solid email security remains a critical first line of defense. Although AiTM bypasses MFA, the attack still relies on delivering the initial phishing email. Advanced email security solutions capable of detecting sophisticated impersonation, URL rewriting, and malicious attachments, alongside robust DMARC implementation, are still crucial for reducing the initial attack surface. These systems can often identify and quarantine Bluekit-generated lures before they reach an inbox.
The Bluekit phishing service illustrates the evolution of the phishing threat. The AI assistant is a minor detail; the real threat is how Bluekit makes advanced AiTM techniques so accessible. We must move beyond traditional MFA, investing in phishing-resistant authentication and strong device trust frameworks. If we fail to adapt, attackers will continue to bypass our current defenses with ease.