How Malicious PWAs Turn Browsers into Cybercriminal Tools
A fake Google Security site recently made headlines for its cunning use of a Progressive Web App (PWA) to steal credentials and multi-factor authentication (MFA) codes, demonstrating just how far cybercriminals will go to exploit both technology and human trust. By mimicking legitimate services and leveraging advanced browser permissions, attackers have transformed the humble browser into a launchpad for sophisticated attacks. The campaign, distributed via phishing domains like google-prism[.]com, lures users into installing a malicious PWA that operates almost indistinguishably from a real app—right down to its standalone window and convincing security prompts.
What makes this threat especially alarming is the way it weaponizes legitimate browser APIs—such as Notifications, Clipboard, and WebOTP—to harvest sensitive data, intercept one-time passcodes, and even turn the victim’s browser into a proxy for internal network attacks. Unlike traditional malware, these attacks don’t rely on exploiting software vulnerabilities; instead, they count on users granting permissions under the guise of enhanced security. This blend of technical sophistication and social engineering marks a new chapter in browser-based threats, with real-world consequences for both individuals and organizations.
How Malicious PWAs Turn Your Browser Into a Cybercriminal’s Playground
Weaponizing Progressive Web App (PWA) Features for Malicious Control
Progressive Web Apps (PWAs) have been widely adopted for their ability to deliver app-like experiences directly through the browser, blurring the lines between web and native applications. Cybercriminals have exploited these capabilities by crafting malicious PWAs that mimic legitimate services, such as Google Security, and then leveraging their advanced permissions to compromise user security. These malicious PWAs are distributed via phishing campaigns, such as those using the domain google-prism[.]com, which masquerades as an official Google security service.
PWAs can request a range of permissions typically reserved for trusted applications, including access to notifications, clipboard data, and device sensors. Once installed, these malicious apps operate in a standalone window, often without visible browser controls, increasing the likelihood that users will perceive them as legitimate and trustworthy. The attackers exploit social engineering tactics to convince users to grant these permissions under the pretense of enhancing device security.
Exploiting Browser APIs for Data Exfiltration and Surveillance
Malicious PWAs take advantage of browser APIs to harvest sensitive user data and maintain persistent access to compromised systems. The following table summarizes key APIs and their malicious uses:
| API/Feature | Malicious Use | Impact |
|---|---|---|
| Notifications API | Pushes fake security alerts, triggers app opening | Social engineering, increased persistence |
| Clipboard API | Reads copied text/images while app is open | Theft of credentials, crypto wallet data |
| WebOTP API | Intercepts SMS-based OTP codes | Bypassing MFA, account takeover |
| Periodic Background Sync | Maintains background connectivity | Continuous command & control |
| Geolocation API | Tracks real-time GPS data | Surveillance, physical tracking |
Attackers use these APIs to collect one-time passcodes (OTPs), cryptocurrency wallet addresses, device fingerprints, contact lists, and even real-time location data. For example, the malicious PWA described in the campaign can exfiltrate contacts, clipboard contents, and GPS data, all while running in the background or when prompted by notifications.
Turning the Victim’s Browser into a Proxy and Internal Network Scanner
One of the most insidious capabilities of these malicious PWAs is their ability to transform the victim’s browser into a proxy for the attacker. By leveraging service workers and WebSocket relays, the malware can route attacker-controlled web requests through the victim’s browser as if the attacker were present on the local network. This enables a range of advanced attacks, including:
- HTTP Proxying: The malware executes fetch requests with attacker-specified methods, headers, credentials, and body data, returning the full response—including headers—to the attacker. This allows the attacker to interact with internal resources, bypass network segmentation, and potentially exploit internal services.
- Internal Port Scanning: The PWA can scan the victim’s local network to identify live hosts and open ports, mapping the internal infrastructure for further exploitation or lateral movement.
This proxying ability is particularly dangerous because it does not require the attacker to exploit any browser vulnerabilities; instead, it relies on legitimate browser features and user-granted permissions.
Maintaining Persistence and Command Execution via Service Workers
Malicious PWAs employ service workers—background scripts that run independently of the web page—to maintain persistence and execute attacker commands. Service workers can handle push notifications, synchronize data in the background, and process commands received from the attacker’s command-and-control (C2) infrastructure.
Key persistence and command execution techniques include:
- Push Notifications: Used to deliver new tasks, fake alerts, or prompt the victim to reopen the malicious app, thereby re-enabling access to sensitive APIs.
- Periodic Background Sync: Allows the attacker to maintain ongoing communication with the compromised device, even when the app is not actively in use.
- WebSocket Relays: Facilitate real-time command execution and data exfiltration, as well as proxying attacker traffic through the victim’s browser.
The following table illustrates the persistence mechanisms leveraged by malicious PWAs:
| Persistence Mechanism | Functionality | Security Impact |
|---|---|---|
| Service Worker | Runs background tasks, handles notifications | Stealthy command execution |
| Background Sync | Maintains C2 connectivity | Ongoing attacker access |
| Notification Permissions | Triggers user interaction, reopens app | Re-enables data theft capabilities |
Bypassing Traditional Security Controls and Exploiting Human Trust
Unlike traditional malware, malicious PWAs do not exploit software vulnerabilities or require privilege escalation. Instead, they rely on the user’s willingness to grant permissions, often under the guise of a security upgrade or protection feature. This approach allows attackers to bypass many endpoint security controls, as the actions taken by the PWA appear legitimate from the perspective of the operating system and browser.
The attack flow typically involves:
- Phishing Lure: Victims are directed to a fake security site mimicking Google’s branding.
- Permission Requests: The site requests risky permissions (notifications, clipboard, geolocation) as part of a staged “security check.”
- PWA Installation: The user is prompted to install the malicious PWA, which then operates with elevated privileges.
- Ongoing Exploitation: The attacker uses notifications and background sync to maintain access and exfiltrate data.
This method is highly effective due to the increasing normalization of PWA installations and the trust users place in familiar brands and browser prompts. The attackers’ reliance on social engineering, rather than technical exploits, makes detection and prevention more challenging for traditional security solutions.
Comparative Analysis: Malicious PWA vs. Traditional Browser-Based Attacks
To contextualize the threat posed by malicious PWAs, it is useful to compare their capabilities with those of traditional browser-based attacks, such as malicious extensions or drive-by downloads.
| Attack Vector | Installation Method | Persistence | Data Access | Detection Difficulty |
|---|---|---|---|---|
| Malicious PWA | User-installed via phishing | Service workers, sync | Clipboard, OTP, contacts, GPS | High (appears legitimate) |
| Malicious Extension | Installed from store/link | Extension background | Browsing data, credentials | Medium (extension reviews) |
| Drive-by Download | Exploit-based, stealth | Malware persistence | System files, credentials | Low (antivirus detection) |
Malicious PWAs stand out due to their ability to operate with minimal user suspicion, their use of legitimate browser APIs, and their deep integration with browser features. Unlike extensions, which may be subject to store reviews and can be more easily identified by security software, PWAs are installed directly from the web and can evade many traditional detection mechanisms.
Advanced Social Engineering and Multi-Stage Attack Chains
The sophistication of malicious PWA campaigns is further demonstrated by their use of advanced social engineering and multi-stage attack chains. Attackers design multi-step setup processes that mimic legitimate security workflows, gradually escalating permission requests and encouraging users to install additional components, such as companion Android apps.
Notably, the Android companion app distributed alongside the malicious PWA requests 33 high-risk permissions, including access to SMS, call logs, microphone, contacts, and accessibility services. This enables comprehensive device compromise and financial fraud, extending the attacker’s reach beyond the browser and into the victim’s mobile ecosystem.
The attack chain can be summarized as follows:
- Initial Phishing: Victim visits fake security site.
- PWA Installation: User grants permissions and installs PWA.
- Permission Escalation: PWA requests additional permissions over time.
- Companion App Delivery: Victim is prompted to install an Android APK with extensive permissions.
- Full Compromise: Attacker gains persistent access to browser and device data.
This multi-stage approach increases the likelihood of successful compromise and data theft, as each step is framed as a legitimate security enhancement.
Leveraging Device Fingerprinting and Real-Time Monitoring
Malicious PWAs often build detailed device fingerprints, collecting information about the victim’s hardware, software, network environment, and user behavior. This data is used to tailor attacks, evade detection, and maximize the value of stolen information.
Device fingerprinting involves collecting:
- Browser version and capabilities
- Operating system details
- Installed fonts and plugins
- Network IP addresses and topology
- Active user sessions and authentication tokens
By combining device fingerprinting with real-time monitoring of clipboard contents, OTP codes, and notifications, attackers can execute highly targeted attacks, such as intercepting cryptocurrency transactions or bypassing multi-factor authentication at the precise moment the victim is most vulnerable.
Browser and Platform-Specific Limitations and Exploitation
While the malicious PWA described in the campaign is most effective on Chromium-based browsers (such as Chrome and Edge), its capabilities are more limited on Firefox and Safari. For example, on Firefox and Safari, the PWA’s ability to run background tasks and access certain APIs is restricted, though push notifications remain functional. This highlights the importance of browser architecture in determining the impact of malicious PWAs.
| Browser | PWA Capabilities | Attack Surface |
|---|---|---|
| Chrome/Edge | Full API access, background sync, proxying | High |
| Firefox/Safari | Limited API access, notifications only | Moderate |
Despite these limitations, the attackers adapt their techniques to maximize the effectiveness of their campaigns across different platforms, using notifications to lure victims back into the PWA and re-enable data theft features.
Summary Table: Malicious PWA Attack Lifecycle
| Stage | Attacker Action | Victim Impact |
|---|---|---|
| Phishing | Directs user to fake security site | User trust exploited |
| Permission Request | Requests notifications, clipboard, geolocation | Elevated app privileges |
| PWA Installation | Installs standalone malicious app | Persistent background access |
| Data Harvesting | Steals OTP, clipboard, contacts, GPS | Credential and data theft |
| Proxy/Port Scanning | Uses browser as proxy, scans internal network | Network mapping, lateral movement |
| Notification Lures | Sends fake alerts to reopen app | Repeated exploitation opportunities |
| Companion App Delivery | Prompts Android APK installation | Full device compromise |
This lifecycle underscores the versatility and danger of malicious PWAs, which exploit both technical features and human psychology to transform the browser into a powerful tool for cybercriminals.
Final Thoughts
The rise of malicious PWAs like the fake Google Security site is a wake-up call for anyone who relies on browsers for daily tasks—which, let’s face it, is nearly everyone. These attacks blur the line between trusted applications and cleverly disguised threats, using the very features designed to improve user experience as tools for exploitation. The campaign’s ability to bypass traditional security controls, maintain persistence through service workers, and escalate attacks with companion Android apps underscores the need for heightened vigilance and user education.
As browsers continue to evolve and integrate more powerful APIs, the security community must adapt just as quickly—rethinking detection strategies, refining permission models, and empowering users to recognize social engineering tactics. The battle for browser security is far from over, but understanding the anatomy of these attacks is a crucial first step toward staying one step ahead.
References
- Ilascu, I. (2026, March 1). Fake Google Security site uses PWA app to steal credentials, MFA codes. BleepingComputer. https://www.bleepingcomputer.com/news/security/fake-google-security-site-uses-pwa-app-to-steal-credentials-mfa-codes/