-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Message Android Application is nowadays comprising most of android phones has a feature which is used to access your messages on web (https://messages.google.com/web) by login using QR Code
But the feature can be exploited to get the OTP from the victim
Suppose The Hacker Open the Google Message Web (https://messages.google.com/web) in his device and the hacker needs the victim's mobile phone only one time to scan the qr code from Message Android Application. If the hacker using Social Engineering somehow manages to scan the QR or make the victim scan the QR then the hacker will have access to Message application. And the Hacker will send the Password Reset OTP of Many Services (Ex. Facebook, Whatsapp, etc.) on the victim number and hacker receives on Google Message Web and the hacker enters the OTP and reset the password.