Bubble AI app builder abused to steal Microsoft account credentials

Summary

Kaspersky researchers discovered threat actors leveraging the Bubble AI app-builder platform to create and host malicious web applications that evade email security detection and steal Microsoft account credentials. The attackers exploit Bubble's legitimate *.bubble.io domain and the platform's obfuscated JavaScript output to bypass automated analysis tools, redirecting users to fake Microsoft login portals that harvest credentials. Security experts warn this evasion technique will likely be adopted by phishing-as-a-service platforms to increase the effectiveness of widespread credential theft campaigns.

Full text

Bubble AI app builder abused to steal Microsoft account credentials By Bill Toulas March 25, 2026 03:48 PM 0 Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. Because the web app is hosted on a legitimate platform, email security solutions do not flag the link as a potential threat, allowing users to access the page. Security researchers at Kaspersky say that threat actors are using the new method to redirect users to the actual phishing page, which is often mimicking a Microsoft login portal that is sometimes hidden behind a Cloudflare check. Any credentials entered on these fake web pages are siphoned to the phishing actor, who may then use them to access email, calendar, and other sensitive data associated with Microsoft 365 accounts. The Microsoft-themed phishing pageSource: Kaspersky Bubble is a no-code AI-powered platform where users describe the app they want to build and then the platform automatically generates the backend logic and frontend. The resulting apps are hosted on Bubble’s infrastructure under *.bubble.io, which is a trusted domain unlikely to trigger security warnings from email security solutions. Phishing actors take advantage of this by creating Bubble apps that consist of large, complex JavaScript bundles and Shadow DOM-heavy structures, which are not flagged as redirection scripts or classified as malicious by static and automated analysis tools. “The code generated by this no-code platform is a massive jumble of JavaScript and isolated Shadow DOM (Document Object Model) structures,” explains Kaspersky. “Even for an expert, it’s difficult to grasp what’s happening at first glance; you really have to dig through it to understand how it all works and what the purpose is.” “Automated web-code analysis algorithms are even more likely to get tripped up, frequently reaching the verdict that this is just a functional, useful site.” Code fragment of a Bubble appSource: Kaspersky The researchers warn that the tactic of abusing AI-powered app builders for evasion in phishing campaigns is very likely to be adopted by phishing-as-a-service (PhaaS) platforms and integrated into phishing kits that are widely used by lower-tier cybercriminals. These platforms already provide session cookie theft, adversary-in-the-middle (AiTM) layers that bypass two-factor authentication (2FA), geo-fencing, anti-analysis tricks, and AI-generated email content, so the abuse of legitimate platforms will only increase the stealth of these attacks. BleepingComputer has contacted Bubble for a comment about Kaspersky’s findings and any plans to strengthen anti-abuse protections, but we have not received a response by publishing time. Red Report 2026: Why Ransomware Encryption Dropped 38% Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded. Download The Report Related Articles: OpenAI rolls out ChatGPT Library to store your personal filesMusician admits to $10M streaming royalty fraud using AI botsMicrosoft stops force-installing the Microsoft 365 Copilot appNew font-rendering trick hides malicious commands from AI toolsAI-generated Slopoly malware used in Interlock ransomware attack

Indicators of Compromise

• domain — bubble.io
• domain — cloudflare.com