‼️ A threat actor operating under the alias petrushka is selling a phishing-as-a-service (PhaaS)...

Summary

A threat actor using the alias petrushka is offering a phishing-as-a-service (PhaaS) platform called Bluekit that includes 40+ phishing templates, Evilginx-based adversary-in-the-middle (AitM) capabilities, and 2FA bypass functionality with geolocation and browser spoofing features. The service represents a commoditization of advanced phishing and credential theft attacks, lowering barriers to entry for less-skilled attackers. Bluekit's anti-bot protection and sophisticated evasion techniques make it a significant threat to organizations relying on standard MFA deployments.

Indicators of Compromise

• malware — Bluekit
• malware — Evilginx

Entities