Netflix Android Malware Targeting WhatsApp
As Netflix is one of the popular OTT platforms today, it’s now wondering fraudsters are targeting unsuspecting people into a trap on its name. As recently discovered by Check Point Research, a malicious app named FlixOnline is luring users into a Netflix-based scam and snooping on their WhatsApp chats.
As they reported, the campaign starts with the user installing the app available in the Google Play Store! After which, they’ll be greeted with the following message; Following the given link will take users to a phishing page, where they’ll ask to fill in some details and credit card information for obtaining the offer. It’s no wonder that many platforms ask users to submit their payment card data in advance of the free trial and charge them automatically after the free period is over. While the credentials submitted to the phishing page are sent to the hacker’s C2, victimized users will be asked several device permissions to help the app operate properly. These allow the app to draw over other apps, access notifications, disabling battery optimization, etc. All these are aimed at snooping on victim’s WhatsApp chats. Also Read- Best Netflix Alternatives While the drawing over other apps helps to observe WhatsApp chats, access to notifications lets the malicious app reply and share its malicious links to spread the campaign further. Also, ignoring the battery optimization will help the malicious app run throughout without killing it for saving the battery. Google has removed the malicious app from Playstore after being reported, and WhatsApp was notified about the campaign. Researchers said there are about 500 users fallen victim to this campaign in a span of two months before detection.