ESET warns that a new attack campaign targeting Android users utilizes advanced social engineering and malware, facilitating the theft of NFC data for ATM withdrawals.
Initial exploitation involved progressive web apps (PWAs) that allowed installation from any website, circumventing the Play Store and leading users to phishing sites.
The switch from PWAs to WebAPKs represents a tactical shift in cyberattacks; WebAPKs operate more stealthily as they appear as native apps, without the browser icon.
Fraudulent websites mimic the Google Play Store, deceiving users into thinking they are downloading legitimate apps, thus illustrating the escalating sophistication of cyber threats.
[
Collection
]
[
|
...
]