Hackers are getting trickier by the day, finding new ways to dupe people into handing over their details or their data. This app posed as a pirated alternative to Netflix, which is in huge demand during this pandemic with everyone sitting on their couch at home.
The application, sneakily named FlixOnline, was supposed to be a pirated alternative to Netflix but was actually malware in disguise. It’s been on the Google Play Store for a while, trying to catch people desperate for the Netflix experience but not willing to pay for it. According to a recent profile of the app by a security firm called Check Point Research, the app would actually inject a self-replicating worm into the user’s device.
The malware would spread throughout the phone, abusing the power you have given it by allowing the permissions it requires. Flix asks for access to a lot of device controls and hijacks your WhatsApp to send spam messages to your friends and family. So basically, if someone messages you, it’ll auto-reply in your stead and send the following message.
“2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE” [insert malicious link]
If any one of your gullible contacts actually clicks on the link, they’ll be redirected to a website where they can download the app, and down the rabbit hole everyone goes. The malware will keep on spreading. This could help hackers find a way to steal all your personal information.
According to Aviran Hazum, manager of mobile intelligence at Check Point, “The fact that the malware was able to be disguised so easily and ultimately bypass Play Store’s protections raises some serious red flags”. The app was able to stay on Google’s Play Store for a whole 2 months and compromised at least 500 devices before being taken down.
Goes to show the difference between Apple’s App Store and Google’s Play Store. Google doesn’t really do a good job of weeding out the ugly ducklings in its store.
If you want to find something legit, try googling about it a bit more and check Reddit. It’ll save you a lot of pain. You didn’t hear this from me.