June 12, 2024 at 01:41PM
A new phishing kit has been released enabling creation of deceptive corporate login forms using Progressive Web Apps (PWAs). PWAs are web-based apps that imitate desktop applications and can display fake address bars to make phishing forms look convincing. Security researcher mr.d0x has released templates for this technique, potentially enabling future phishing attacks.
Key takeaways:
– A new phishing kit has been released that enables the creation of Progressive Web Apps (PWAs) presenting convincing corporate login forms to steal credentials.
– PWAs are web-based apps that can be installed from a website like a regular desktop application and run in the browser, appearing as a desktop application with standard browser controls hidden.
– Many popular websites, such as X, Instagram, Facebook, and TikTok, use PWAs to offer a desktop app experience.
– The new phishing toolkit demonstrates how to create PWAs to display corporate login forms, even with a fake address bar showing the normal corporate login URL to make it more convincing.
– An attacker using the phishing templates still has to convince a user to install the PWA, but threat actors may find it easier to distribute them through websites offering fake software or remote management tools.
– The PWA phishing templates have been released on GitHub by security researcher mr.d0x.
– Although this new PWA phishing method may require more convincing to get targets to install the app, it is expected that threat actors may use the technique in the future.
– Currently, no group policies exist that can prevent the installation of Progressive Web Apps.