Be careful what you wish for – Phishing in PWA applications
Aug. 21, 2024, 6:27 p.m.
Tags
External References
Description
ESET analysts dissected a novel phishing method tailored to Android and iOS users, combining standard phishing delivery techniques with a novel approach of targeting mobile users via Progressive Web Applications (PWAs) and WebAPKs. Insidiously, installing these phishing PWAs and WebAPKs does not trigger warnings about installing third-party applications. Most of the observed applications targeted clients of Czech banks, but some also targeted banks in Hungary and Georgia. Two different threat actors were determined to be operating the campaigns based on their distinct command-and-control infrastructures.
Date
Published: Aug. 21, 2024, 6:09 p.m.
Created: Aug. 21, 2024, 6:09 p.m.
Modified: Aug. 21, 2024, 6:27 p.m.
Indicators
185.68.16.56
46.175.145.67
185.181.165.124
csas.georgecz.online
play-protect.pro
hide-me.online
cyrptomaker.info
blackrockapp.eu
Attack Patterns
T1437
T1417
Additional Informations
Finance
South Georgia and the South Sandwich Islands
Georgia
Hungary
Czechia