|
|
Android malware hid in fake Netflix app and spread through WhatsApp - TechAmok
Android malware hid in fake Netflix app and spread through WhatsApp - [security]
03:22 PM EDT - Apr,07 2021 - post a comment Despite Google's efforts to combat malware on Android, every now and then a new threat slips through the cracks. Researchers at Check Point Research have shared details (via ZDNet) on a threat that could have lured Android users with the promise of free access to Netflix content and spread through WhatsApp. As noted in the company's blog post, the malware lives in an app called FlixOnline, which was available on the Play Store and promised users the ability to watch Netflix content from all over the world. However, instead of doing that, the app requests a handful of permissions that enable it to steal user data and spread to other users more easily. Once all permissions were granted, the app hid itself from the app launcher so it would be harder to delete.
Upon being installed, the app requests a few special permissions - displaying over other apps, ignore battery optimizations, and notification access. Displaying over other apps means the app can disguise itself and display a fake login screen on top of other apps, leading users to enter their personal information and sending it to the attackers. Meanwhile, ignoring battery optimizations means the app won't be killed in the background, so it can stay active even if it's been idle for a while.
Notification access is potentially the most concerning one. For one thing, the app can harvest information from the user's notifications, including messages they receive. Not only that, the app can perform quick actions on those notifications, like replying to messages on WhatsApp, which is exactly what it does to spread to other users. Whenever the affected user gets a notification from WhatsApp, the fake app hides it and sends a reply promising two months of free Netflix access with a download link that installs the malware on that device as well.
Check Point Research reported the malware to Google prior to disclosing the vulnerability and the FlixOnline app was removed from the Play Store quickly. However, roughly 500 users downloaded the app over two months, which could have spread the malware to many other users through WhatsApp. Anyone who has been affected should uninstall the app from the device settings and change their passwords. |
|
Short overview of recent news articles |
|
Everyone is Buying the Wrong Dash Cam! (2026) (Feb,21 2026 ) Big Brother on Discord: Leaked Code Shows Age Verification Runs You (Feb,20 2026 ) OpenClaw’s Top Skill is a Malware that Stole SSH Keys and Opened (Feb,19 2026 ) Google Adds Satellite SOS to its Affordable Pixel Phone (Feb,19 2026 ) Phison CEO Warns: AI-Driven NAND and DRAM Shortage Could Bankrupt (Feb,19 2026 ) NVIDIA CEO hypes up GTC 2026, promises to unveil a chip that will (Feb,19 2026 ) Microsoft is uploading your confidential emails to Copilot for (Feb,19 2026 ) Anthropic Releases Claude Sonnet 4.6 with Improved Coding, Computer (Feb,18 2026 ) Apple Eyeing A Partnership With Chinese Memory Makers YMTC And CXMT (Feb,17 2026 ) This $60,000 TV was IRRESISTIBLE (Feb,17 2026 ) Keenadu Android Backdoor Infects Firmware, Spreads via Google Play (Feb,17 2026 ) Discord's ID Check Nightmare Sparks Massive Exodus to TeamSpeak (Feb,17 2026 ) Amazing Robot Performance at the 2026 Spring Festival Gala (Feb,17 2026 ) Apple brings video podcasts and other improvements in iOS 26.4 beta (Feb,16 2026 ) Dutch Defence Secretary Boldly Claims F-35 Software Could Be (Feb,16 2026 ) Samsung shows off Galaxy S26 Ultra privacy display (Feb,16 2026 ) 60 Million Passwords Exposed? ETH Zurich Shatters 'Unbreakable' (Feb,16 2026 ) Apple MacBook with iPhone chip launches next month (Feb,15 2026 ) Discord's Disturbing Ties to Global Surveillance | ID Verification, (Feb,15 2026 ) 20 Mind-Blowing Tech Gadgets You MUST See in 2026! (Feb,15 2026 ) Western Digital's HDD production capacity for 2026 is fully sold (Feb,15 2026 ) Google Releases First Beta Version of Android 17 (Feb,14 2026 ) The Audiophile Gaming Headset - HIFIMAN x ROG Kithara (Feb,14 2026 ) 7zip Malware: Beware 7zip.com (Feb,14 2026 ) REDMAGIC 11 Pro Review: Can This Be Your ONLY Phone? (Feb,14 2026 ) Google Docs now has AI-generated audio summaries (Feb,13 2026 ) Apple Patches Actively Exploited Zero-Day Vulnerability Across (Feb,13 2026 ) What is the Windows.old folder and can I delete it? (Feb,13 2026 ) Microsoft AI CEO Mustafa Suleyman: 'Most White Collar Work Will Be (Feb,12 2026 ) Helldivers Movie Lands November 2027 Release, Jason Momoa to Star (Feb,12 2026 ) Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack (Feb,12 2026 ) Apple releases iOS 26.3 and iPadOS 26.3 to the public (Feb,11 2026 ) T-Mobile Announces Live Audio Language Translation as a Network (Feb,11 2026 ) Windows 11 26H1 Drops Exclusively on New Snapdragon X2 Devices - No (Feb,10 2026 ) Fake 7-Zip downloads are turning home PCs into proxy nodes (Feb,10 2026 ) Microsoft Patch Tuesday February 2026 - 54 Vulnerabilities Fixed, (Feb,10 2026 ) Snapdragon X2 Elite Early - Performance Preview (Feb,10 2026 ) AI Chat App Exposes 300 Million Messages from 25 Million Users (Feb,10 2026 ) My Kids can Pick ANY Phone They Want For a Present (Feb,09 2026 ) Microsoft Removes Printer Drivers in Windows 11 Update - What You (Feb,09 2026 ) Apple's Next AirPods Pro Will Literally See the World Around You (Feb,09 2026 ) Beware of Apple Pay Phishing Attack that Aims to Steal Your Payment (Feb,09 2026 ) NASA to Allow Astronauts to Bring Smartphones to Space (Feb,08 2026 ) AT&T Launches New Samsung Phone for Kids (Feb,08 2026 ) Headphones with Noise Cancelling that Don't Stick in your Ear - (Feb,07 2026 ) Microsoft Just Killed Your Old Printer: Legacy Drivers Officially (Feb,07 2026 ) RenEngine Loader and HijackLoader Duo Infects Over 400,000 Gamers in (Feb,06 2026 ) EpsteIn Tool: Check If Your LinkedIn Contacts Appear in 3.5 Million (Feb,06 2026 ) Bitcoin's $64,000 Reality vs. $87K+ Production Costs Sparks (Feb,05 2026 ) Crypto Analyst Issues Urgent 'Final Warning' on XRP: Claims (Feb,05 2026 )
>> News Archive <<
| |
|
