A newly-discovered Android malware app called FlixOnline promised users access to Netflix content from all around the world on their smartphones before exploiting access to their WhatsApp, according to Check Point Research. Troubling, the app was not solely on third-party app stores – it was, instead, found on the Google Play Store, using Netflix imagery to create an extra level of trust in potential targets. When installed and granted certain permissions, according to a summary of the research findings, “the malware is capable of automatically replying to victims’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This unique method could have enabled threat actors to distribute phishing attacks, spread false information or steal credentials and data from users’ WhatsApp accounts, and more.”

Experts Comments

April 09, 2021
Jake Moore
Cybersecurity Specialist
ESET

Although apps like this are rare and infrequently downloaded, the threat they possess is huge – and this discovery could suggest the beginning of more malicious apps to come. Being able to send rogue messages from another app installed on a device is impressive and extremely dangerous, as when those messages appear on a victim’s phone, they come with a sense of trust from a known contact. This is what makes this attack so highly effective and manipulative. Malicious actors know that worms

.....Read More

Although apps like this are rare and infrequently downloaded, the threat they possess is huge – and this discovery could suggest the beginning of more malicious apps to come. Being able to send rogue messages from another app installed on a device is impressive and extremely dangerous, as when those messages appear on a victim’s phone, they come with a sense of trust from a known contact. This is what makes this attack so highly effective and manipulative. Malicious actors know that worms like this work far better when passed on via contacts rather than unsolicited communication. If someone has downloaded this or a similar app, they may be sending WhatsApp messages out without realizing it, so people need to remain cautious of links and attachments in received messages – even from known contacts.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.