Researchers in CYBERSECURITY have alerted Android users to the possibility of hackers tricking them into installing malicious applications.
Hackers exploit WebAPK to steal Android user data.
1
WebAPK allows Android applications to run within a browser.
It is now possible to install Android applications on devices without the Google Play Store.
How the Attack Works
Researchers from CSIRT KNF say that the attack starts when victims receive a text message.The following are some of the ways to get in touch with each otherLast week, I saw a post on LinkedIn.
Text in the text indicates that mobile banking applications need to be updated.
The text contains a hyperlink that leads to a website that installs a malicious application on the device of the victim using WebAPK.
After a threat actor downloads malicious apps and installs them, the app can then be used to hack into a device and steal data.
Data that can be compromised includes bank logins, private contacts, media such as social networks, personal data, etc.
Cybercriminals may also use this software to install more malware or take over a device.
According to CSIRT KNF, “one of the biggest challenges for countering these attacks is that WebAPK generates different packages names and checksums on every device.”
They are built dynamically by the Chrome Engine, making it difficult to use these data as Indicators Of Compromises (IoC).
SECURE YOURSELF
Users are encouraged to block WebAPK-using websites in order to combat these attacks.
Downloading apps only from reputable sources is another way to stay safe.
You should always be cautious about clicking links you receive via email, social media or other platforms.
Check the hash of a file before you download it. This will verify its legitimacy.
You should always use an antivirus program or anti-malware.