The National Information Technology Board (NITB) on Tuesday urged Android users of a malware threat caused by a fake Netflix app called “FlixOnline”.
“Do not download the Netflix app [named] FlixOnline. It transfers a harmful file to your device,” wrote NITB in a post on Twitter. “Never use any untrusted app or APK (file). Stay alert and stay safe!” it added.
The malware is disguised as an app called ‘FlixOnline,’ which was advertised using WhatsApp messages presenting an offer of 2 months of Netflix Premium free anywhere for 60 days. However, once a user installs the malware, it works to steal personal data and credentials.
Read more: NITB introduces the application “Kamyab Jawan” to empower the youth of Pakistan
The post further describes the threat stating that a “wormable Android malware” is discovered on the Google Play Store which increases as it automatically replies to a user’s incoming WhatsApp messages. It sends a malicious file that infects the phone. “Users are advised not to download FlixOnline and uninstall if present,” the IT Board stated.
The said malware is designed to monitor the incoming WhatsApp messages and automatically reply to any that the victims receive, with the content of the answer created by the hackers. The replies further attempted to draw in others with the proposition of a free Netflix service and contained links to a fake Netflix site that phished for credentials and credit card information, according to the experts.
Read more: Netflix is testing a new feature to limit Password Sharing
Over the course of two months that the application was active on Google Play, and the malware managed to rack up around 500 victims. The organization warned Google about the malware, which resulted in the app being taken down.
Aviran Hazum, Manager of Mobile Intelligence at Check Point stated that the technique here is to seize the connection to WhatsApp by capturing notifications, along with the ability to take predefined actions, like ‘dismiss’ or ‘reply’ through the Notification Manager. The fact that the malware was able to mask itself so easily and eventually bypass Play Store’s protections raises some serious security concerns.
Image Source: CNET