Hackers are using fake banking apps on iPhones to steal your data
Security researcher ESET has posted a report about a new phishing attempt by hackers to get your login information for your bank. The attack involves a method used to bypass Apple’s App Store and its gatekeeping methods and security checks.
The phishing campaign involves a phone call that a user gets that is supposedly from a bank, informing the user that the banking app they are using is out of date. After being instructed to select an option on a pop-up that appears, a phishing link is sent through an SMS message. When the user taps the link, a screen appears that mimics app store installations–ESET observed installation screens that imitated the Google Play Store but not the Apple App Store and ESET could not confirm that the scam involved fake Apple App Store installation screens, though iOS users are being targeted in this attack. An X post shows what the screens look like.
The app that is installed is a Progressive Web Application (PWA), which is essentially a website presented as an app on your phone. (They’re often called “web apps.”) The web app is designed to look like the bank’s app, and when the user enters their username, password, and any other info, it is sent to a server maintained by the attacker.
How to protect yourself from an attack
Progressive Web Applications themselves are not unique and generally harmless–in fact, before Apple opened the iPhone to third-party apps and created the App Store, Apple encouraged developers to build web apps. Even in today’s App Store, many apps are basically repackaged web apps, especially apps for financial institutions and retailers.
This attack was observed by clients of a bank in Czechoslovakia and ESET reports the attack appearing in the countries of Georgia, Hungary, and Poland. ESET did not mention the attack occurring in the U.S. or U.K.
If you are an iPhone user with a bank app, the safest way to get app updates is through the App Store. The App Store posts update notifications in your account profile, where you can install updates. You can also check the app’s entry in the App Store. Do not open links that you get through text messages. Learn more about iPhone malware and viruses. We also have tips on how to protect your phone from hackers.