How the Scam Works
How the Scam Works Typical scams usually trick people by copying a website page or passing internet data back and forth. Bluekit changes this approach by using an attack method called Browser-in-the-Middle (BitM). According to Netcraft researchers, the system loads the real login page, like a Microsoft login, inside a browser that the hackers control. An open-source software tool called rrweb then “records and streams live DOM interactions” to the victim over a WebSocket connection, researchers explained. Further investigation revealed that the victim sees a real, working page instead of a simple picture or video stream. When the target types their details or clicks on buttons, those actions go right into the hacker’s browser. The victim thinks they are logging in normally, but they are actually opening their account inside the hacker’s computer. Passing the Security Tests Before showing the fake login page , the system runs a series of tests to bloc...