Fake Netflix App on Google Play Spreads Malware Via WhatsApp

Threatpost reports about a fake Netflix app on the Google Play store that spreads malware to Android devices via Whatsapp messages. A Check Point Research analysis found that the actual app disguises as an app called “FlixOnline,” which promises users of free Netflix Premium access worldwide for two months. Once users install the application, the malware then steals their data and credentials. The malware also automatically responds to any WhatsApp messages that the users receive, which lures others with the same free Netflix service offer. “The malware’s technique is fairly new and innovative. The technique here is to hijack the connection to WhatsApp by capturing notifications, along with the ability to take predefined actions, like ‘dismiss’ or ‘reply’ via the Notification Manager. The fact that the malware was able to be disguised so easily and ultimately bypass Play Store’s protections raises some serious red flags,” said Aviran Hazum, Check Point’s manager of Mobile Intelligence.