Fake Android app mimics Netflix-for-mobile

Share this article:
A new, malicious application masquerading as the online streaming video service Netflix is aiming to steal information from Android users, according to researchers at Symantec.

The phony app, which appears nearly identical to the actual one, contains a trojan “Android.Fakeneflic” that attempts to harvest users' Netflix account information, Symantec researcher Irfan Asrar wrote in a blog post Wednesday. The app was discovered on an online Android user forum, but is not available in the official Android Market.

Once an unsuspecting user enters their login credentials into the nefarious app, the data is captured and posted to the attackers' server, Asrar said. A screen then appears that informs users their current hardware is unable to install the app, and they need to upload another version.

“Android.Fakeneflic is a textbook case of an information-stealing trojan that targets account information,” Asrar wrote.

But as of Wednesday, the attackers' server appeared to be offline.

The official Android Netflix app was launched earlier this year for select phones that could handle video streaming.

“A gap in availability, combined with the large interest of users attempting to get the popular service running on their Android device, created the perfect cover for [the trojan] to exploit,” Asrar wrote.

Still, while cybercriminals are increasingly targeting smartphones, most of their existing efforts to actually monetize mobile malware have not yielded the same returns seen in the PC landscape, according to a Symantec report released Tuesday. 

“Year over year, people have predicted that mobile malware would take off and, to date, we haven't seen that happen,” Vikram Thakur, principal security response manager at Symantec, told SCMagazineUS.com. “We have seen a considerable increase in the amount of mobile malware, but it hasn't reached the proportion that people were expecting.”

Even so, attackers will likely begin targeting smartphones more aggressively as more users leverage them to conduct financial transactions, Thakur predicted.

“That will give attackers larger drive to go after the [mobile] platform in an effort to acquire that data off the phone,” he said.

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.