Geeks for your information News Privacy & Security News v
Fake Netflix App on Google Play Spreads Malware Via WhatsApp
Fake Netflix App on Google Play Spreads Malware Via WhatsApp
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  11 April 21, 11:43
Quote:Malware disguised as a Netflix app, lurking on the Google Play store, spread through WhatsApp messages, researchers have discovered.
 
According to a Check Point Research analysis released on Wednesday, the malware masqueraded as an app called “FlixOnline,” which advertised via WhatsApp messages promising “2 Months of Netflix Premium Free Anywhere in the World for 60 days.” But once installed, the malware sets about stealing data and credentials.
 
The malware was designed to listen for incoming WhatsApp messages and automatically respond to any that the victims receive, with the content of the response crafted by the adversaries. The responses attempted to lure others with the offer of a free Netflix service, and contained links to a fake Netflix site that phished for credentials and credit card information, researchers said.
 
“The app turned out to be a fake service that claims to allow users to view Netflix content from around the world on their mobiles,” according to the analysis. “However, instead of allowing the mobile user to view Netflix content, the application is actually designed to monitor a user’s WhatsApp notifications, sending automatic replies to a user’s incoming messages using content that it receives from a remote server.”
 
The malware was also able to self-propagate, sending messages to users’ WhatsApp contacts and groups with links to the fake app. To that end, the automated messages read, “2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE [Bitly link].”
 
Over the course of two months that the app was live on Google Play, the malware racked up 500 victims, according to Check Point. The firm alerted Google to the malware, which took the app down. However, “the malware family is likely here to stay and may return hidden in a different app,” researchers warned.
 
“The malware’s technique is fairly new and innovative,” Aviran Hazum, manager of Mobile Intelligence at Check Point, said in the analysis. “The technique here is to hijack the connection to WhatsApp by capturing notifications, along with the ability to take predefined actions, like ‘dismiss’ or ‘reply’ via the Notification Manager. The fact that the malware was able to be disguised so easily and ultimately bypass Play Store’s protections raises some serious red flags.”

Read more: Fake Netflix App on Google Play Spreads Malware Via WhatsApp | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes 19.1.6
25.7.7 Fixed a ...Kool — 15:10
VMware Workstation Pro 17.6.4
VMware Workstation...harlan4096 — 10:22
VirtualBox 7.1.12
VirtualBox 7.1.12​...harlan4096 — 08:15
Google Chrome 138.0.7204.157/.158
Google Chrome 138....harlan4096 — 08:14
RThunderbird for Android 11.0
Thunderbird for An...harlan4096 — 08:12

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (42)lapedDow
avatar (48)rituabew
avatar (36)omyjul
avatar (40)papedDow
avatar (49)ArnoldFum
avatar (37)yfaza
avatar (48)Kevensi
avatar (38)boineDon
avatar (39)Grompelbawn
avatar (40)vkseogaF
avatar (36)usogy
avatar (39)ywixazok
avatar (37)ixoqe
avatar (35)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>