- Kali365 is a sophisticated phishing-as-a-service platform, also known as Octopi365 and Freedom365, targeting Microsoft accounts.
- It was first detected by security company Huntress in May 2026 when examining a large number of Microsoft 365 logins originating from China.
- The FBI has issued a warning detailing the process as part of a public service announcement.
Phishing attacks are nothing new: an estimated 3.4 billion malicious emails are sent daily, representing a gigantic 1.2% of all email traffic.
Google alone blocks approximately 100 million phishing emails daily, as threat actors continue to evolve their approaches, using unique campaigns, AI-generated content and, lately, QR codes to lure unsuspecting victims.
However, a suite of phishing-as-a-service tools recently spotted by cybersecurity company Huntress stands out for its sophistication, scale, and success rate.
A sophisticated phishing service for hire
What sets Kali365 apart from its peers is the scale at which it operates and the methods it uses. Unlike most phishing operations, it is a tool with at least 33 built-in templates posing as Microsoft products and services, 100 API endpoints, and role-based access control for phishing teams.
In addition to being an AI-enabled phishing tool, it has a sophisticated payment channel, crypto payment gateway integration, tiered access to the software suite, and, for those looking for a complete offering, a desktop app for traders.
However, Kali365 and its variants and clones, such as Octopi365 and Freedom365, do not directly compromise or circumvent MFA; instead, they use a set of highly legitimate-looking emails and calls to action that then steal session cookies and OAuth tokens, allowing access to the victim’s account.
The process itself is perfect: a potential victim sees a Microsoft website, an SSL certificate, and no warnings that they are effectively handing over access to a bad actor, who then uses their authenticated token to access their account. The AI-generated lures are sophisticated in themselves, but as the FBI notes, they still require the user to be phished by email, and many pose as “trusted cloud productivity and document sharing services.”
However, the most damning use of AI is when Anthropic’s Claude AI model is used to read intercepted email threads, score them for fraud potential, and compose convincing response messages, complete with fabricated banking details and a fabricated sense of urgency, to be sent from the victim’s own mailbox.
While the FBI’s warning stands, it also goes some way to acknowledging that this is not an easy phishing attempt to avoid, given the scale, multitude of phishing attack vectors, and how “legitimate” it appears compared to most of its competitors. Resolving this would require a change by Microsoft to close the security loopholes that allow such authentication transfers, but for now, affected people can only report their experiences here.
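The token replay described above leaves a trace defenders can look for: a session created by an interactive sign-in in one country and then reused from another country shortly afterwards. The Python sketch below is an added example, not code from Huntress, the FBI or the original article; the log records and field names are constructed for illustration and do not follow a real Microsoft 365 log schema.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample sign-in records; field names are illustrative assumptions,
# not a real Microsoft 365 log schema. IPs are from documentation ranges.
SIGNINS = [
    {"time": "2026-05-04T08:01:10", "user": "alice@example.com", "session": "s-1001",
     "ip": "198.51.100.7", "country": "US", "interactive": True},
    {"time": "2026-05-04T08:03:42", "user": "alice@example.com", "session": "s-1001",
     "ip": "203.0.113.50", "country": "CN", "interactive": False},
    {"time": "2026-05-04T09:15:00", "user": "bob@example.com", "session": "s-2002",
     "ip": "198.51.100.9", "country": "US", "interactive": True},
    {"time": "2026-05-04T11:40:00", "user": "bob@example.com", "session": "s-2002",
     "ip": "198.51.100.9", "country": "US", "interactive": False},
    {"time": "2026-05-04T10:00:00", "user": "carol@example.com", "session": "s-3003",
     "ip": "203.0.113.77", "country": "CN", "interactive": False},
]

def find_token_replay(events, max_gap_minutes=60):
    """Flag sessions whose token is used from a different country than the
    interactive sign-in that created the session, within max_gap_minutes."""
    by_session = defaultdict(list)
    for e in events:
        by_session[e["session"]].append(e)
    findings = []
    for session, evs in by_session.items():
        evs.sort(key=lambda e: e["time"])  # ISO 8601 strings sort chronologically
        origin = next((e for e in evs if e["interactive"]), None)
        if origin is None:
            # Token use with no interactive sign-in on record (may also be a log gap).
            findings.append({"session": session, "user": evs[0]["user"],
                             "reason": "no_interactive_origin"})
            continue
        t0 = datetime.fromisoformat(origin["time"])
        for e in evs:
            if e is origin or e["country"] == origin["country"]:
                continue
            gap = (datetime.fromisoformat(e["time"]) - t0).total_seconds() / 60
            if 0 <= gap <= max_gap_minutes:
                findings.append({"session": session, "user": e["user"], "reason": "geo_shift",
                                 "from": origin["country"], "to": e["country"], "gap_min": round(gap, 1)})
    return findings

if __name__ == "__main__":
    for finding in find_token_replay(SIGNINS):
        print(finding)
```

The time window keeps ordinary travel from triggering the rule; a hit is a lead for session revocation and mailbox review, not proof of compromise.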