It is not a surprise that people would get bored because of the pandemic. One of the most common activity is watching streamed content from apps like Netflix, hulu, viu, Rakuten VIKI and the like.
One malware laced app is brave enough to make itself look like Netflix and called itself FlixOnline. It capitalized on the peoples’ need to keep entertained. Watching online content has surged at a rapid pace since last year. Thus some audiences would rather want free content instead of paying a subscription which led to this app spreading over the internet.
The Android app named FlixeOnline has been catching the attention of downloaders worldwide since it looks similar to Netflix. They have been trying to capture the same look and feel including the logo is as close to the original. They promise to offer a 2-month free subscription to Netflix plans.
After donwloading and installing the said app, the user would then realize that it is a malware. It does not do anything close to being able to watch streaming content. The apps main purpose is to gain access to WhatsApp notification from when the app was downloaded. The malicious app would then distribute phishing attacks and data-theft operations.
It all starts when you download the app from Google Play Store. It would ask the user three different permissions after opening the app – battery optimisation, screen overlay and notifications. Legitimate apps will never ask for those. Once given access, it creates a fake login and continues to hijack WhatsApp and sends the payload to their contact list. It would make the recipient think that they are getting Netflix for free.
It would normally say “2 Months of Netflix Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Free anywhere in the world for 60 days. Get it now HERE [followed by a malicious link]
Please note that no genuine app will ever ask for permissions associated with your smartphone. According to the security researchers, the FlixOnline app then creates a fake login.
Upon having been granted the access, it proceeds to hijack the user’s WhatsApp. It then creates auto-replies. These replies will further be sent to their contact list.
The recipient will be able to read something like “Netflix download is available for free.” “2 Months of Netflix Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Free anywhere in the world for 60 days. Get it now HERE [followed by a malicious link]”.
All this trouble can be avoided by just getting the subscription directly from Netflix and no place else.
