Hacker News new | past | comments | ask | show | jobs | submit login

Yeah, I read articles calling it sophisticated. This is a super simple and straight forward worm. Disguise yourself as a known app and ask for more permission than you should. IDN exploits [0] and attachment faking [1] are more sophisticated if anything.

[0] https://www.wordfence.com/blog/2017/04/chrome-firefox-unicod...

[1] http://fortune.com/2017/01/18/google-gmail-scam-phishing/




Its sophisticated in the sense that it makes you trust them and willingly share your information with them. It doesn't rely on some brute force method or some complicated hacking method, it simply rely on a modern workflow that people are used to go through without thinking twice about it. It is simple and incredibly efficient.


It's sophisticated because of it's simplicity and effectiveness.


Technical simplicity, but sophisticated social engineering. Guess what the weakest link is between apps? It sure isnt the tech.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: