Netflix is one of the most popular apps in the world with 203.7 million subscribers worldwide at the start of this year. Subscribers can choose from a wide selection of movies, TV shows and documentaries to stream to their devices. If you are an old timer, you might remember when you received your new Netflix discs in the mail and returned them the same way.
This app spreads malware through your WhatsApp messages
Accepting the permissions requested by FlixOnLine opens your phone to attacks
The “advertisement” that promoted the malicious app read: “2 months of free Netflix Premium at no cost FOR QUARANTINE (CORONA VIRUS) * Get 2 months of Netflix Premium free anywhere in the world for 60 days. Get- now HERE https: // bit[.]ly / 3bDmzUw. “Instead of free Netflix, those who installed the app ended up facing malicious activity once certain permissions were granted by the user.
When the FlixOnLine authorization request is sent, it contains small print that some might never read. The permission request asks you for permission to allow the app to read all of your notifications, “including personal information such as contact names and the content of messages you receive. If you press” Accept, ” not only are you asking for trouble, but you are giving the attacker the ability to disable / enable Do Not Disturb on your phone.
For example. bad actors behind FlixOnLine could spread more malware from malicious links, collect data on users WhatsApp accounts, send bogus and malicious information to users WhatsApp contact list and blackmail / extort money to victims by threatening to send potentially explosive WhatsApp conversations to their contact list. If you are using WhatsApp for business, the danger of installing FlixOnLine is obvious. To be honest, this threat also applies to the non-business friendly relationships you have with others.
According to Check Point, the app was installed 500 times over a two-month period. Even though Google removed FlixOnLine, if you had it already installed on your phone and didn’t remove it, the app is still wreaking havoc with your phone. And if you are a WhatsApp user, you have been infiltrated and your personal information is not safe.
The best thing you can do if you have the app, according to Check Point Research, is uninstall the app from your Android phone and change your passwords. It’s a good example of how smart these bad actors are and how their techniques allow them to walk right next to the bouncer without getting caught. By bouncer we refer to Google Play Protect which is supposed to scan all apps before they get installed on your phone.
Apparently, some malicious apps are able to trick Google into appearing normal during the scan. Malware that leads to malicious activity is added later on the line.