A fake Netflix app on the Google Play Store was designed to spread malware by automatically responding to WhatsApp messages. Google has since taken down the app, which went by the name FlixOnline.
According to the security firm Check Point Research, the FlixOnline app sported a Netflix-like look to trick users. It also promised users two months of free subscription via WhatsApp messages.
The app offering a free subscription shared a link that redirected users to a website whose only purpose was to capture their personal data, including credit card details. Many Android users downloaded the fake app, confusing it with Netflix.
By replying to incoming WhatsApp messages, this technique could enable a hacker to distribute phishing attacks, spread further malware, spread false information, or steal credentials and data from users' WhatsApp accounts and conversations, according to the experts.
The FlixOnline app was available for nearly two months, with around 500 installs, before Google removed it last month.
Here's how it worked
Once the FlixOnline app was installed on an Android smartphone from the Play Store, it asked for three permissions: screen overlay, battery optimization ignore, and notification.
Once the permissions were granted, the malware had everything it needed to start distributing its malicious payloads and responding to incoming WhatsApp messages with auto-generated replies.
Check Point researchers stated that malware uses overlay to create fake logins and steal user credentials by drawing fake windows on top of existing apps.
The FlixOnline app then 'listened' for notifications and automatically responded to WhatsApp chats with a message.
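A defender's triage check for the permission combination described above, as an added example that is not from Check Point or the original article: it reads a decoded AndroidManifest.xml and flags apps that declare all three capabilities. Mapping the article's "notification" permission to a notification listener service is an assumption, and both sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
BATTERY = "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
# Assumption: "notification" in the article means a notification listener service.
LISTENER = "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"


def capabilities(manifest_xml):
    """Report which of the three capabilities a decoded manifest declares."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    # A notification listener is not a <uses-permission> entry: it is a
    # <service> protected by BIND_NOTIFICATION_LISTENER_SERVICE.
    listeners = [s for s in root.iter("service")
                 if s.get(ANDROID + "permission") == LISTENER]
    return {
        "overlay": OVERLAY in requested,
        "ignore_battery_optimization": BATTERY in requested,
        "notification_listener": bool(listeners),
    }


def needs_review(manifest_xml):
    """True only when all three capabilities are present together."""
    return all(capabilities(manifest_xml).values())


NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'
# Constructed sample: declares the full combination.
SAMPLE_FLAGGED = f"""<manifest {NS} package="com.example.constructed.streaming">
  <uses-permission android:name="{OVERLAY}"/>
  <uses-permission android:name="{BATTERY}"/>
  <application>
    <service android:name=".Listener" android:permission="{LISTENER}"/>
  </application>
</manifest>"""
# Constructed sample: overlay only, so it is not flagged.
SAMPLE_BENIGN = f"""<manifest {NS} package="com.example.constructed.notes">
  <uses-permission android:name="{OVERLAY}"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application><service android:name=".Sync"/></application>
</manifest>"""

if __name__ == "__main__":
    for label, xml in (("flagged", SAMPLE_FLAGGED), ("benign", SAMPLE_BENIGN)):
        print(label, capabilities(xml), "review:", needs_review(xml))
```

Each capability has legitimate uses on its own, so a hit is a reason to review the app, not a verdict.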
It highlights that users should be wary of download links or attachments that they receive via WhatsApp or other messaging apps, even when they appear to come from trusted contacts or messaging groups.