PWA phishing on Android and iOS – Week in security with Tony Anscombe
- by nlqip
Video
Phishing using PWAs? ESET Research’s latest discovery might just ruin some users’ assumptions about their preferred platform’s security
23 Aug 2024
ESET researchers have recently revealed an uncommon type of phishing campaign using Progressive Web Apps (PWAs) that targeted the clients of a prominent Czech bank.
The technique used installed a phishing application from a third-party website without the user having to allow third-party app installation. This is because PWAs are simply websites bundled into what feels like a standalone app, enhanced by the usage of native system prompts.
For iOS users, such an action might break their assumptions about their platform’s security. On Android, this could result in the silent installation of a special kind of APK, which even appears to be installed from the Google Play store.
Learn more in Tony’s latest video.
Connect with us on Facebook, Twitter, LinkedIn and Instagram.
Source link
lol
Video Phishing using PWAs? ESET Research’s latest discovery might just ruin some users’ assumptions about their preferred platform’s security 23 Aug 2024 ESET researchers have recently revealed an uncommon type of phishing campaign using Progressive Web Apps (PWAs) that targeted the clients of a prominent Czech bank. The technique used installed a phishing application from…
Recent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict