A newly-discovered Android malware app called FlixOnline promised users access to Netflix content from all around the world on their smartphones before exploiting access to their WhatsApp, according to Check Point Research. Troubling, the app was not solely on third-party app stores – it was, instead, found on the Google Play Store, using Netflix imagery to create an extra level of trust in potential targets. When installed and granted certain permissions, according to a summary of the research findings, “the malware is capable of automatically replying to victims’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This unique method could have enabled threat actors to distribute phishing attacks, spread false information or steal credentials and data from users’ WhatsApp accounts, and more.”

Notify of

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
April 9, 2021 11:59 am

<p>Although apps like this are rare and infrequently downloaded, the threat they possess is huge – and this discovery could suggest the beginning of more malicious apps to come. Being able to send rogue messages from another app installed on a device is impressive and extremely dangerous, as when those messages appear on a victim’s phone, they come with a sense of trust from a known contact. This is what makes this attack so highly effective and manipulative. Malicious actors know that worms like this work far better when passed on via contacts rather than unsolicited communication. If someone has downloaded this or a similar app, they may be sending WhatsApp messages out without realizing it, so people need to remain cautious of links and attachments in received messages – even from known contacts.</p>

Last edited 1 year ago by Jake Moore
Information Security Buzz
Would love your thoughts, please comment.x