Injection-Info: sewer.dizum.com - 2001::1/128
Banking customers have been targeted in a newly discovered method of
phishing attacks, new research has found.
Xref: unconfigured alt.home.repair:1860 comp.mobile.android:2662 misc.phone.mobile.iphone:2137

A report from ESET found the attacks primarily focused on iPhone and
Banking customers have been targeted in a newly discovered method of
Android users by getting them to unknowingly download Progressive Web
phishing attacks, new research has found.
Applications (PWA) disguised as authentic apps.

A report from ESET found the attacks primarily focused on iPhone and
PWAs are websites made to behave like a stand-alone application, with the
Android users by getting them to unknowingly download Progressive Web
image seemingly verified by the use of native system prompts. PWAs bypass
Applications (PWA) disguised as authentic apps.
the need for a user to allow third-party installation, with iOS phishing

sites posing as popular apps landing pages and directing victims to add
PWAs are websites made to behave like a stand-alone application, with the
image seemingly verified by the use of native system prompts. PWAs bypass
the PWA to their home screen. Ultimately, the PWAs behaved like a normal
the need for a user to allow third-party installation, with iOS phishing
mobile app - but by sidestepping the authorization of third-party
sites posing as popular apps landing pages and directing victims to add
installation on Android, this led to the silent installation of Android
Package Kit (APK), which appeared to the user to be installed via the
the PWA to their home screen. Ultimately, the PWAs behaved like a normal
Google Play Store.
mobile app - but by sidestepping the authorization of third-party

installation on Android, this led to the silent installation of Android
Delivery methods
The campaign used three different URL delivery mechanisms - Voice call,
Package Kit (APK), which appeared to the user to be installed via the
SMS delivery, and Malvertising, with customers across the Czech Republic,
Hungary, and Georgia targeted.
Google Play Store.

Depending on the campaign, the install/update button launched the download
Delivery methods
of a malicious application directly onto the user�s phone, either in the
The campaign used three different URL delivery mechanisms - Voice call,
form of a WebAPK (for Android devices) or a PWA. This bypassed the usual
SMS delivery, and Malvertising, with customers across the Czech Republic,
browser warnings of �installing unknown apps�.
Hungary, and Georgia targeted.

https://www.techradar.com/pro/new-method-for-phishing-discovered-for-
Depending on the campaign, the install/update button launched the download
android-and-iphone-users
of a malicious application directly onto the user�s phone, either in the

form of a WebAPK (for Android devices) or a PWA. This bypassed the usual
. browser warnings of �installing unknown apps�.

https://www.techradar.com/pro/new-method-for-phishing-discovered-for-
android-and-iphone-users