Highlights:
- A fake Netflix-like app promises to provide free Netflix content.
- FlixOnline spread malware via WhatsApp conversations.
- After hundreds of downloads from the Play Store, it was finally removed.
This is what happened about 3 weeks ago.
As internet users, we are advised to install apps only from reliable sources such as the Google Play Store or the Apple App Store. But sometimes a fake app like FlixOnline bypasses the Play Store's security checks and gets listed there. FlixOnline combined the popularity of Netflix, the traditional social trigger ('free') and the pandemic situation to its advantage.
Instead of doing what it claims to do, it sends automated replies to incoming WhatsApp conversations, luring the recipients with free Netflix. The “wormable” malware spreads further via malicious links. The automated message says “2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS) * Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE ” and it provides a link. The link was designed to gain complete access to the user’s WhatsApp if clicked. “Theoretically, through these auto-generated replies, a hacker can steal data, cause business interruptions on work related chat groups, and even extortion by sending sensitive data to all the users contacts,” the researchers noted.
When installed, the FlixOnline malware requests the ‘Overlay’, ‘Battery Optimization Ignore’ and ‘Notification’ permissions. The overlay permission is used to create new windows on top of other apps. These windows are often designed to look like login pages, nudging users to enter their real credentials. The notification access enables the app to “dismiss” or “reply” to messages, while the battery optimization exemption keeps the app running even after the user has closed it.
Check Point Research notified Google about this malicious app on its platform, and Google was quick to remove it. It was reported that, in the course of 2 months, there were around 500 downloads.
To keep the phone safe, uninstall the app immediately and do not click any malicious links. Check your WhatsApp to see whether any messages have been sent. Resetting the system would clear any malicious code or files on it.
Next time, if something says ‘free’, BEWARE, it might ‘cost’ you a lot.
