This means unwitting users may not notice the change and believe they are visiting a legit website. Of course, this is a classic typosquatting ploy. If you are unfamiliar with this attack method, it involves tweaking URLs to fool users simply by registering a domain that is similar to a legit URL. Think of it as phishing with domains/URLs. In fact, phishing goes hand-in-hand with typosquatting because attackers will send the fraudulent URL to users via email, SMS, and other methods. On Android, the domains are designed to mimic popular Android app stores, including Google Play APKPure, and APKCombo. Other targets are famous apps such as Snapchat, TikTok, and PayPal APKs. When users interact with these domains (for example, “paltpal-pk[.]com”) they get malware such as a banking trojan.
Windows
As well as targeting Android, the campaign was also distributing malware on Windows. BleepingComputer found more than 90 websites that were personating 27 popular brands. For example, Microsoft’s Visual Studio Code was being copied with the URL domain “codevisualstudio[.]org” which is dangerously close to the official “code.visualstudio.com” URL. When entering this fraudulent domain, the device would become infected by spyware. BleepingComputer points to methods for avoiding becoming a victim of typosquatting. For example, be careful when typing the URL for a website and using antivirus software to check sites. Tip of the day: Windows lets you use Cortana to translate sentences, words, or phrases, with the results read back to you automatically. This makes it particularly useful for group scenarios, but you can also type if you’re unsure about pronunciation. Cortana translation sports an impressive 40 languages and utilizes machine learning to provide natural results in many cases. Check our full guide to learn how to use Cortana for quick translations.