New AI-Powered Phishing Kits Bypass MFA and Target Major Services

Advanced Phishing Kits Leverage AI and MFA Bypass Tactics

Four new phishing kits—BlackForce, GhostFrame, InboxPrime AI, and Spiderman—have emerged, enabling attackers to steal credentials at scale. BlackForce, discovered in August 2025, is sold for between €200 and €300 and targets over 11 major brands, while InboxPrime AI automates email attacks with AI-generated content.

Why This Matters

Current defensive strategies often rely on signature-based detection and static analysis, which struggle to keep pace with the rapid evolution of phishing techniques. These kits demonstrate a shift toward more sophisticated evasion and automation, potentially leading to a significant increase in successful credential compromise and financial loss; studies estimate phishing accounts for over 90% of data breaches.

Key Insights

• BlackForce MitB Attacks: Utilizes Man-in-the-Browser techniques to capture OTPs and bypass MFA.
• AI Content Generation: InboxPrime AI leverages artificial intelligence to automate the creation of convincing phishing emails, removing manual effort for attackers.
• Modular Frameworks: Spiderman provides a full-stack framework replicating European banking login pages, incorporating ISP allowlisting and device filtering.

Working Example

(No runnable code provided in the context)

Practical Applications

• Financial Institutions: Require advanced behavioral biometrics and risk-based authentication alongside MFA to mitigate MitB attacks.
• End Users: Be wary of unexpected requests for credentials and MFA codes, and always verify website legitimacy before entering sensitive information.

References:

• https://thehackernews.com/2025/12/new-advanced-phishing-kits-use-ai-and.html