App stores like the Google Play Store do their best to be safe spaces that users prefer whenever they need an app. Which doesn’t mean that some malware sometimes slips through the cracks. In any case, this is what the researchers at Check Point Security are reporting. Their latest report mentions in the case of an application, FlixOnline – which was actually malware that achieved the feat of staying on the Play Store while passing for a pirate Netflix app.
The researchers explain that most of the downloads, however, did not take place directly through the app store. The malware was indeed spread via WhatsApp conversations.. It could also deliver other malicious content via quick replies to incoming WhatsApp messages – that is, send links to other malware to your contacts. From there, explain the researchers, this malware could potentially do anything: take control of a device, extract the user’s personal data, spy on their keystrokes to find their most sensitive passwords, etc.
FlixOnline, the fake pirate Netflix app, had remained under the radar of the Play Store
The description of the FlixOnline application on the Play Store was itself quite “malicious” since its authors promised that it would give them free access to Netflix for 2 months “For quarantine reasons (coronavirus)”. Claiming to only give access to a trial period while streaming via WhatsApp arguably allowed the app to deceive Google’s vigilance for some time.
Rest this fake pirate application turns out to be non-functional, at least for what it promises to these victims. When the application installs, it asks for “Overlay”, “ignore battery optimizations” and “notifications” permissions. “Overlay” allows it to create fake login screens in other applications to steal your credentials. “Ignore battery optimizations” prevents the malware from being automatically closed in the background in power saving mode.
Also Read: WhatsApp – Ultra Dangerous Android Malware Spreads Into The App
Finally, access to notifications allows malware to spread via WhatsApp. If you accidentally installed FlixOnline on your Android smartphone, we strongly recommend that you uninstall the application as soon as possible.. Check Point Research recommends as an additional measure that you change your passwords, especially those of the most important accounts like your email address, Amazon, Google and banking services.
Source : Check Point Research
Get the latest news delivered to your inbox
Follow us on social media networks