Home›Technology›Hackers Trick With Fake Banking Apps, Exploits Android’s WebAPK Tech

Hackers Trick With Fake Banking Apps, Exploits Android’s WebAPK Tech

July 18, 2023

592

Google Play Store has implemented measures to protect users from malware by requiring a valid D-U-N-S number to submit new apps.

However, cybercriminals have found a new way to trick users into installing malicious apps through WebAPKs, bypassing the Play Store.

Security researchers have discovered a recent campaign exploiting WebAPKs to deceive victims.

Hackers are sending fake messages to people, pretending to be their bank, and telling them to update their banking apps. The message includes a link to a website that installs malicious apps on their phones.

One of the banks targeted is PKO Bank Polski. The fake app asks for the user’s login credentials and 2FA code, allowing the hackers to steal money from their bank account.

These malicious apps are difficult to track because they have different names and codes on each device.

The hackers exploit a technology called WebAPKs, which allows apps to be installed through the web browser without triggering any security alerts.

Threat actors are using Android’s WebAPK technology to trick people into installing malicious web apps on their phones.

They send SMS messages pretending to be a mobile banking app update, and when users click the link, a malicious app is installed on their device.

The fake app impersonates a real bank and asks users to enter their login credentials and 2FA tokens, stealing their information.

These attacks are difficult to detect because the WebAPK apps have different names and checksums on each device.

To protect against these threats, it is recommended to block websites that use WebAPK for phishing attacks.

Additionally, cybercriminals are using specialized tools to spoof Android devices and bypass anti-fraud controls, allowing them to access compromised accounts and conduct unauthorized transactions.

Also Read:- Has China Hacked The US Government’s Email Accounts?

To protect yourself against attacks, only download apps from official sources like the Google Play Store, avoid third-party app stores, don’t open links from text messages, and install antivirus and antimalware software on your smartphone.

TagsFake banking Apps Hackers

The Techy Guy

Pranjal Shah covers tech news at India Observers. He is very passionate about innovation, the internet world and gadgets. He loves to share technology-based niche news articles.

India Observers

Top Menu

Main Menu

Uttarakhand CM Pushkar Singh Dhami issues strong statement as bus plunges into gorge

Farah Khan and Suhana Share Throwback Photos and Warm Wishes for Shah Rukh Khan’s Birthday

ChatGPT Has Now Introduced New Web Search: Get Fast, Timely Answers With Reference Links

Space Exploration: ISRO’s first analog space mission kicks off in Leh

Economist and Sanskrit Scholar Bibek Debroy Passes Away; PM Modi Honors His Legacy

Hackers Trick With Fake Banking Apps, Exploits Android’s WebAPK Tech

The Techy Guy

Uttarakhand CM Pushkar Singh Dhami issues strong statement as bus plunges into gorge

Say Goodbye to Wrinkles with the Power of Moringa

Political Row Intensifies as Bommai Demands Action on Wakf Encroachment Report

Try these expert detox tips after all that festive feasting

Will PM Modi extend lockdown till June 1?

IIT Delhi develops low-cost COVID-19 testing kit, gets ICMR approval

Many question the transparency of PM Cares, a fund with over 7000 crore

Lockdown 3.0: Dos and Don’ts

India Observers

Top Menu

Main Menu

Hackers Trick With Fake Banking Apps, Exploits Android’s WebAPK Tech

You might be interested