-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[iOS] Push Notifications can be used as a phishing attack vector #2886
Comments
The issue for now will be patched on the server side |
DmitryBespalov
added a commit
that referenced
this issue
Nov 20, 2023
DmitryBespalov
added a commit
that referenced
this issue
Nov 20, 2023
DmitryBespalov
added a commit
that referenced
this issue
Nov 21, 2023
DmitryBespalov
added a commit
that referenced
this issue
Nov 21, 2023
DmitryBespalov
added a commit
that referenced
this issue
Nov 21, 2023
DmitryBespalov
added a commit
that referenced
this issue
Nov 21, 2023
Handles #2886 Changes proposed in this pull request: - Shows warning in the transaction details if: - transaction is awaiting signatures or execution AND - ( transaction has no confirmations OR - confirming addresses are not safe owners OR - confirming addresses do not match recovered addresses from confirmation signatures )
DmitryBespalov
added a commit
that referenced
this issue
Dec 14, 2023
DmitryBespalov
added a commit
that referenced
this issue
Dec 14, 2023
Verified |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug description
Malicious attacker is able push phising transactions to the iOS mobile app that do not have any signatures from any of the owners or a delegate.
Steps To Reproduce
Assumption:
Expected Result
Examples
Example safeTxhashes of "test" phishing attempts
0x899fc4f14702977be37afe1187a6d5431c28f037ee9a6dc38c5b779165b4b6ab
0x4670c44c9609ea89fb7d5eb32295d8e1dcd200b38a460678b93b67f6b44279e5
Device & App version
The text was updated successfully, but these errors were encountered: