Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps
Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting Android phone users into installing malicious web apps designed to capture sensitive personal information.
"The link contained in the message led to a site that used WebAPK technology to install a malicious application on the victim's device."
Details of the campaign were first shared by Polish cybersecurity firm RIFFSEC. WebAPK allows users to install progressive web apps to their home screen on Android devices without having to use the Google Play Store.
Once installed, the fake banking app urges users to enter their credentials and two-factor authentication tokens, effectively resulting in their theft.
"One of the challenges in countering such attacks is the fact that WebAPK applications generate different package names and checksums on each device," CSIRT KNF said.
The development comes as Resecurity revealed that cybercriminals are increasingly leveraging specialized device spoofing tools for Android that are marketed on the dark web in a bid to impersonate compromised account holders and bypass anti-fraud controls.
News URL
https://thehackernews.com/2023/07/hackers-exploit-webapk-to-deceive.html