Fake Netflix App Allows Hackers to Hijack WhatsApp

By   ISBuzz Team
Writer , Information Security Buzz | Apr 09, 2021 03:56 am PST

A newly-discovered Android malware app called FlixOnline promised users access to Netflix content from all around the world on their smartphones before exploiting access to their WhatsApp, according to Check Point Research. Troubling, the app was not solely on third-party app stores – it was, instead, found on the Google Play Store, using Netflix imagery to create an extra level of trust in potential targets. When installed and granted certain permissions, according to a summary of the research findings, “the malware is capable of automatically replying to victims’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This unique method could have enabled threat actors to distribute phishing attacks, spread false information or steal credentials and data from users’ WhatsApp accounts, and more.”