Netflix is ​​one of the most popular apps worldwide with 203.7 million subscribers worldwide earlier this year. Subscribers can choose from a wide variety of movies, TV shows and documentaries to stream through their devices. If you’re a classic car, you might be able to remember when your new Netflix discs were emailed and returned the same way.

This app spreads malware through your WhatsApp messages

The name of this malicious app is FlixOnLine and the promise of free Netflix was used to trick Android users into installing it on their phones. The goal was to get people to install FlixOnLine. Google Today the app was removed from the Play Store, but not before it was installed by multiple Android users.

In the “ad” that advertised the malicious app, it says: “2 months of Netflix Premium Free free for REASON OF THE QUARANTINE (CORONA VIRUS) * Get 2 months of Netflix Premium Free for 60 days anywhere in the world. Now HERE https https: // bit[.]ly / 3bDmzUw. “Instead of free Netflix, those who installed the app got involved in some malicious activity after the user granted certain permissions.

When the FlixOnLine permission request is sent, it has small print in it that some may never read. The permission request will ask for your permission so that the app can read all of your notifications, including personal information like contact names and the content of the messages you receive. If you tap “Agree”, not only are you asking about problems, but you are also giving the attacker the ability to disable / enable the Do Not Disturb feature on your phone.

As Check Point Research notes, “the malware can automatically reply to incoming WhatsApp messages from victims with a payload received from a command-and-control (C&C) server. This unique method could have allowed threat actors to Phishing attacks spread and spread false information or steal credentials and data from users’ WhatsApp accounts and more. “

For example. The bad actors behind FlixOnLine could spread more malware from malicious links, collect data from users WhatsApp accounts, send fake and malicious information to a user’s WhatsApp contact list, and extort money from victims by threatening to potentially explosive WhatsApp Send conversations to their contact list. If you use WhatsApp for business purposes there is a risk of installing FlixOnLine. To be honest, this threat also applies to any friendly, non-business relationships you have with others.

According to Check Point, the app was installed 500 times over a period of two months. Even though Google removed FlixOnLine, the app may cause havoc with your phone if you’ve previously installed it on your phone rather than deleted it. And if you are a WhatsApp user, you have been infiltrated and your personal information is not safe.

According to Check Point Research, the best thing you can do when you have the app is uninstall the app from your Android phone and change your passwords. This is a great example of how smart these bad actors have gotten and how their techniques allow them to walk right past the bouncer without getting caught. By “bouncer” we’re referring to Google Play Protect, which is supposed to scan all apps before installing them on your phone.

Apparently, some malicious apps can fool Google by appearing normal as they go through the scan. The malware that leads to the malicious activity is added later.

Source link

Leave a Reply