Mysk🇨🇦🇩🇪 on Nostr: 🎬 So this scam #2FA app is using custom product pages of Apple Search Ads to trick ...
🎬 So this scam #2FA app is using custom product pages of Apple Search Ads to trick users. It has different campaigns per search keywords. When searching for "Microsoft Authenticator", it shows screenshots highlighting "Microsoft". and when searching for "Google Authenticator", it highlights "Google". Watch the video 🤯
It's worth noting that custom product pages need to be approved by @AppStore Connect and Apple Search Ads. This app steals 2FA secrets and its model is very suspicious as noted below.
Friendly reminder: Mastodon uses no algorithms for discovering posts. The only way to spread the word is by boosting posts. If you think this post is helpful, boost it to reach others. Thank you 🙏 #Privacy #Apple #iOS #cybersecuritytips #infosec #cybersecurity #security #2FactorAuthentication
{
"id":"b38e0f49fa59a0bf2f59717d937cd9bfdad3b60f5cb9ddf7d8d85869ae002ae4",
"pubkey":"c99d6973f0e81b7a1be1fb87314222784b0ba695bba3634aa1e1f208bb11a11e",
"created_at":1687257261,
"kind":1,
"tags": [
[
"t",
"2fa"
],
[
"t",
"privacy"
],
[
"t",
"apple"
],
[
"t",
"ios"
],
[
"t",
"cybersecuritytips"
],
[
"t",
"infosec"
],
[
"t",
"cybersecurity"
],
[
"t",
"security"
],
[
"t",
"2factorauthentication"
],
[
"mostr",
"https://defcon.social/users/mysk/statuses/110576091858818294"
]
],
"content":"🎬 So this scam #2FA app is using custom product pages of Apple Search Ads to trick users. It has different campaigns per search keywords. When searching for \"Microsoft Authenticator\", it shows screenshots highlighting \"Microsoft\". and when searching for \"Google Authenticator\", it highlights \"Google\". Watch the video 🤯\n\nIt's worth noting that custom product pages need to be approved by @AppStore Connect and Apple Search Ads.\nThis app steals 2FA secrets and its model is very suspicious as noted below.\n\nFriendly reminder: Mastodon uses no algorithms for discovering posts. The only way to spread the word is by boosting posts. If you think this post is helpful, boost it to reach others. Thank you 🙏 \n#Privacy #Apple #iOS #cybersecuritytips #infosec #cybersecurity #security #2FactorAuthentication\n\nhttps://files.defcon.social/dcsocial-s3/media_attachments/files/110/576/090/066/954/210/original/7ed1a9d8947a8605.mp4\n\nhttps://files.defcon.social/dcsocial-s3/media_attachments/files/110/576/090/526/097/938/original/660157ac19111a1e.png",
"sig":"111d2b9f48585ac9eee2aa26ee7f60a7a57a2464a9d7ac0f8b80f51cba150d08459faf0ae9bb3973687e6290f0c5f517fa56c36cfaf4b6168a6dd5908f17dbee"
}