According to the latest news, malware masqueraded as a Netflix app, lurking on the Google Play store, spread from Android to Android via WhatsApp messages.
Significantly, the malware disguised as an app called FlixOnline, which spread via WhatsApp messages offering 2 Months of Netflix Premium Free Anywhere in the World for 60 days. However, once installed, the malware steals data and credentials.
The Malware listens for receiving WhatsApp messages and automatically responds to any that the victims receive. The answers attempted to attract others with the proposal of a free Netflix service. They contained links to a fake Netflix site that phished for credentials and credit card information.
The app is a fake service that claims to offer users to view Netflix content worldwide on their mobiles. According to analysis, the app monitors user’s WhatsApp notifications. It sends automatic replies to a user’s incoming messages using content that it gets from a remote server.
Another essential thing to mention is that the malware was also able to self-propagate, sending messages to users’ WhatsApp contacts and groups with links to the fake application.
Users Should Be Careful of Download Links or Attachments
According to Check Point, for two months that the app was live on Google Play, the malware has 500 victims. The company alerted Google to the malware, which remover the app. Still, researchers say that the malware family is likely to stay and return hidden in a different app.
The question is how to protect yourself. To protect against this type of malware, users should be careful of download links or attachments received via WhatsApp or other messaging apps. It is possible to receive a message from trusted contacts or messaging groups.
Moreover, suppose users find themselves with a fake app. In that case, they should instantly remove the suspicious application from the device and change all passwords.