Fake Netflix app FlixOnline spreads malware through WhatsApp
If it sounds like it is too good to be true, it probably is.
April 09, 2021 / 01:32 PM IST
FlixOnline promised the world the ability to view content on Netflix from all over the world without the need of a VPN [Image: AFP]
You have heard it a million times, never download things on your phone from anywhere other than Google's Play Store or Apple's App store. It is sound advice too, since these are the two most supported platforms for app distribution.
What if someone found a way to hide malware in plain sight by having it pose as an app on one of the most widely used app store front's in the market today. That is exactly what FlixOnline did.
FlixOnline promised the world the ability to view content on Netflix from all over the world without the need of a VPN. Once a user was lulled into downloading the app from the Play Store, it would then take over his WhatsApp messages and redistribute itself using auto-replies in WhatsApp.
It relied on three permissions on the phone to carry this out. Once installed, the app would ask permissions for Overlay, Battery Optimisation Ignore and Notifications.
Using these permissions, it could pose as a 'fake login screen' to record a user's credentials or have access to notifications on the device so that it can 'reply' to messages on WhatsApp.
As per Check Point Research
- the security firm that discovered the threat - Google has already removed the app from the Play Store but it was downloaded about 500 times before going away.