Mobile Sensor Becomes the New Evasion Technique for Phishing Attack

Security experts have detected that attackers are leveraging a new and unique evasion technique to launch phishing attacks. This new technique abuses the sensors that have been built into smartphones for more than a decade.


Sensors abused for the phishing attack


As reported by security experts from PhishLabs, the attack abuses an experimental feature available in select web browsers: device motion and orientation events. More specifically, the phishing attack abuses the gyroscope and accelerometers of smartphones.

The same sensors can be activated on certain mobile browsers. “By checking for the presence and state of these controls, a site can determine whether it is on a mobile device and behave differently in response,”


How does the attack work?


The attack starts with a text message that appears to come from a high-profile target from a financial organization. The message uses a typical social engineering technique to gets the victims to click on a URL that claims to have important notice.

A visitor visiting the URL is presented with a blank page. However, on a subsequent attempt to view the page results in receiving 404 responses from the server. This indicates that attackers are leveraging multiple layers of countermeasures to remain undetected.

Researchers note that “With the code partially deobfuscated, we began investigating each element. This led to the discovery that the threat actor was attempting to guarantee the victim is using a mobile device by using calls to the gyroscope and accelerometer.”