A newly-discovered Android malware app called FlixOnline promised users access to Netflix content from all around the world on their smartphones before exploiting access to their WhatsApp, according to Check Point Research. Troubling, the app was not solely on third-party app stores – it was, instead, found on the Google Play Store, using Netflix imagery to create an extra level of trust in potential targets. When installed and granted certain permissions, according to a summary of the research findings, “the malware is capable of automatically replying to victims’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This unique method could have enabled threat actors to distribute phishing attacks, spread false information or steal credentials and data from users’ WhatsApp accounts, and more.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.