The attackers are creating fake overlays to trick users into providing login credentials for financial services apps, including potentially for crypto exchanges.
A new type of attack against mobile applications is posing a growing threat to crypto users, according to July 18 statements from Asaf Ashkenazi, CEO of cybersecurity firm Verimatrix.
The new threat is called an “overlay attack.” It works by creating a fake interface on the user’s device. This interface is then used to phish information from the user, including usernames, passwords, and even 2FA codes, Ashkenazi stated. Once this information is obtained, the attacker uses it to submit information in the real interface for a target application.
To carry out an overlay attack, the attacker needs to first convince the user to download an application on their mobile device. Screen overlay exploiters are usually disguised as games or other fun applications. When the user opens the application, it appears to work as intended.