Android Users Beware: Hackers Using Deceptive Tactics to Install Malware
Android has developed a reputation for being less safe than iOS, and
this is largely due to the prevalence of malware. It turns out that
hackers have been using Android’s own WebAPK to trick users into getting
malware onto their devices with all things having been considered and
taken into account. This comes from a report
published by the Computer Security Incident Response Team for the
Polish Financial Supervision Authority, and it reveals just how
commonplace such attacks have become.
With all of that having
been said and now out of the way, it is important to note that WebAPKs
for Android are a core component of so called progressive apps. They
provide a halfway point between apps made for phones and those that can
be used on a desktop of laptop through a browser. Such apps are becoming
increasingly prevalent, but in spite of the fact that this is the case,
they are also contributing to a rise in malware.
The main issue
here is that web apps don’t face the same restrictions as apps that can
be downloaded from the Google Play Store. Hence, malicious actors can
make it so that packages can be delivered to the devices, and they will
easily bypass any and all security protocols that have been put in
place.
In Poland, malicious actors were able to impersonate a
bank named PKO Bank Polski, sending users official looking text messages
that claimed that they needed to update their information. These users
usually receive a link in the text message, but clicking on this link
will lead to their sensitive information falling into the wrong hands.
The
best way to protect yourself from such outcomes is to never click a
link that you receive in a text message. Even if the message seems to
come from an official source, there is a chance that a hacker might be
behind it. Web apps come with their fair share of pros and cons, and the
security risks associated with them are hard to deny. Banking trojans
can lead to significant financial losses if common sense steps are not
taken.
m