XPost: alt.home.repair, misc.phone.mobile.iphone, sac.politics
XPost: talk.politics.guns
Banking customers have been targeted in a newly discovered method of
phishing attacks, new research has found.
A report from ESET found the attacks primarily focused on iPhone and
Android users by getting them to unknowingly download Progressive Web Applications (PWA) disguised as authentic apps.
PWAs are websites made to behave like a stand-alone application, with the
image seemingly verified by the use of native system prompts. PWAs bypass
the need for a user to allow third-party installation, with iOS phishing
sites posing as popular apps landing pages and directing victims to add
the PWA to their home screen. Ultimately, the PWAs behaved like a normal
mobile app - but by sidestepping the authorization of third-party
installation on Android, this led to the silent installation of Android
Package Kit (APK), which appeared to the user to be installed via the
Google Play Store.
Delivery methods
The campaign used three different URL delivery mechanisms - Voice call,
SMS delivery, and Malvertising, with customers across the Czech Republic, Hungary, and Georgia targeted.
Depending on the campaign, the install/update button launched the download
of a malicious application directly onto the user’s phone, either in the
form of a WebAPK (for Android devices) or a PWA. This bypassed the usual browser warnings of “installing unknown apps”.
https://www.techradar.com/pro/new-method-for-phishing-discovered-for- android-and-iphone-users
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)