Google has pulled a bogus Netflix app after security experts found it was spreading malware through scam WhatsApp messages…
Google has removed from the Play Store an app that impersonated Netflix and spread malware. The tech giant pulled the bogus app after security firm Check Point Research discovered that it not only contained malicious code but also stole banking information from its victims. The fake app fooled people into downloading it through WhatsApp messages that promised two months of free subscription.
Google Removes Impostor Netflix App FlixOnline from Play Store for Spreading Malware
The impostor app, FlixOnline, used overlays to trick unsuspecting consumers into giving up their personal data, including credit or debit card information. It worked by requesting three types of permissions: screen overlay, ignoring battery optimizations, and notification access. Once these were granted, it created phony login pages to trick victims into entering their personal details, including payment information. Aviran Hazum, Manager of Mobile Intelligence at Check Point Software, explains:
“The malware’s technique is new and innovative, aiming to hijack users’ WhatsApp account by capturing notifications, along with the ability to take predefined actions, like ‘dismiss’ or ‘reply’ via the Notification Manager. The fact that the malware was able to be disguised so easily and ultimately bypass Play Store’s protections raises some serious red flags. Although we stopped one campaign using this malware, the malware may return hidden in a different app.”
Fortunately, the malicious app was live on the Play Store for only about two months before Google removed it, and it was downloaded fewer than five hundred times before its removal.