Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

Be careful what you wish for – Phishing in PWA applications

Aug. 21, 2024, 6:27 p.m.

Description

ESET analysts dissected a novel phishing method tailored to Android and iOS users, combining standard phishing delivery techniques with a novel approach of targeting mobile users via Progressive Web Applications (PWAs) and WebAPKs. Insidiously, installing these phishing PWAs and WebAPKs does not trigger warnings about installing third-party applications. Most of the observed applications targeted clients of Czech banks, but some also targeted banks in Hungary and Georgia. Two different threat actors were determined to be operating the campaigns based on their distinct command-and-control infrastructures.

Date

Published: Aug. 21, 2024, 6:09 p.m.

Created: Aug. 21, 2024, 6:09 p.m.

Modified: Aug. 21, 2024, 6:27 p.m.

Indicators

185.68.16.56

46.175.145.67

185.181.165.124

csas.georgecz.online

play-protect.pro

hide-me.online

cyrptomaker.info

blackrockapp.eu

Attack Patterns

T1437

T1417

Additional Informations

Finance

South Georgia and the South Sandwich Islands

Georgia

Hungary

Czechia