When attempting to infect Android phones with malware, hackers typically trick users into installing a malicious app by sideloading an APK (Android Package Kit) file. However, a new technique has emerged that is even simpler for hackers to execute, as it eliminates the need for users to sideload the malicious app.
According to a report by The Hacker News, security researchers from the Polish Financial Supervision Authority's Computer Security Incident Response Team (CSIRT KNF) uncovered a recent campaign in which cybercriminals send text messages to banking customers, claiming they need to update their mobile banking app.
In addition to the instructions, these messages include a link for users to update their app. However, instead of directing them to the trusted Play Store or another official Android app store, the link exploits WebAPK technology to install a malicious app onto their smartphone.
WebAPK is a technology that allows Android users to install progressive web apps (PWAs) on their device's home screen without going through the Google Play Store. Google's documentation explains that when a user installs a PWA using WebAPK, a process called "minting" occurs. This process involves the creation and signing of an APK for the PWA.
To protect against such threats, it is advised to block websites that exploit the WebAPK mechanism for phishing attacks.