If you are an Android phone user and are also use WhatsApp then please be alert. Cybersecurity experts have found a fake service app on Google Play Store that offers users to view Netflix on their smartphones for free.
According to Check Point Research (CPR) :
FlixOnline the hackers distributed the malware via malicious auto-replies to incoming WhatsApp messages, using payloads received from a remote command and control (C&C) server.
FlixOnline app was download approximately 500 times in last two months.
If you reply to incoming WhatsApp messages then this method could enable a hacker to distribute phishing attacks, spread further malware, or spread false information or steal credentials and data from users.
This Android malware features innovative and dangerous new techniques for spreading itself, and for manipulating or stealing data from trusted applications such as WhatsApp.
Dont download links or attachments that they receive via WhatsApp or other messaging apps, even when they appear to come from trusted contacts or messaging groups.
What happen if application is download from the Play Store and installed?
When application is download from the Play Store and install then the malware starts a service that requests ‘Overlay’, ‘Battery Optimization Ignore’, and ‘Notification’ permissions.
And if these permissions are grant then malware has everything it needs to start distributing its malicious payloads and responding to incoming WhatsApp messages with auto-generated replies.
Experts have notified Google about the malicious application and the details of its research and Google quickly removed the application from the Play Store.
THANK YOU FOR READING.