8

Mysk🇨🇦🇩🇪: "The rogue 2FA app that steals …" - DEF CON Social

 11 months ago
source link: https://defcon.social/@mysk/110573066626397762
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Mysk🇨🇦🇩🇪: "The rogue 2FA app that steals …"

The rogue 2FA app that steals scanned secrets is now ranked 18 on the German App Store for the productivity category. No wonder! The app disguises as a Microsoft app. It is the top hit when you search for "Microsoft Authenticator" and the developer has updated the screenshots in the ad card to highlight the word "Microsoft". Surprisingly, the product page of the app shows different screenshots with the word "Microsoft" removed.
The app now has 1.2K reviews, as opposed to 18 when we first addressed the app.

🙏 Boosting this post will help spread the word. Thank you!

#privacy #security #2FactorAuthentication #iOS #infosec

Screenshot of the App Store showing the search results for
Screenshot of the product page of the rogue app on the App Store. The app screenshots are different from the ones that appear in the ad. The screenshots say
Screenshot taken about 4 months ago of the App Store showing the rogue app as the top search result when searching for
The rogue app is now ranked 18 in the productivity category of the German App Store

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK