Could 21, 2025Ravie LakshmananMobile Safety / Browser Safety
Cybersecurity researchers have found a brand new marketing campaign that employs malicious JavaScript injections to redirect web site guests on cellular units to a Chinese language adult-content Progressive Internet App (PWA) rip-off.
“Whereas the payload itself is nothing new (one more grownup playing rip-off), the supply methodology stands out,” c/aspect researcher Himanshu Anand stated in a Tuesday evaluation.
“The malicious touchdown web page is a full-blown Progressive Internet App (PWA), doubtless aiming to retain customers longer and bypass fundamental browser protections.”
The marketing campaign is designed to explicitly filter out desktop customers, primarily specializing in cellular customers. The exercise has been described as a client-side assault that makes use of third-party JavaScript and solely triggers on cellular units.
The usage of PWAs, a sort of software constructed utilizing internet applied sciences that present a person expertise much like that of a local app constructed for a particular platform like Home windows, Linux, macOS, Android, or iOS, is seen as an try to sidestep safety protections.
The assaults contain injecting web sites with JavaScript code that acts as a loader to set off the redirection when the location is visited from units operating on Android, iOS, and iPadOS, amongst others.
The redirections are designed to steer the customers to grownup content material web sites or different middleman redirect pages promoting apps for viewing grownup content material. The pages subsequently take the victims to a faux app retailer itemizing for the supposed Android and iOS apps in query.
“The usage of PWAs suggests attackers are experimenting with extra persistent phishing strategies,” Anand stated. “The mobile-only focus permits them to evade many detection mechanisms.”
Discovered this text attention-grabbing? Observe us on Twitter and LinkedIn to learn extra unique content material we submit.
