Malware is hiding in fake Netflix app — and it infiltrates your WhatsApp messages to steal data | Laptop Mag
Malware is hiding in fake Netflix app — and it infiltrates your WhatsApp messages to steal data
A malware bug is masquerading as a Netflix app on the Google Play Store, according to investigators from cybersecurity house Check Point Research. Once this false Netflix app is installed, the malicious software wrecks havoc on users' WhatsApp letters.
Hold on to your hats — information technology gets worse. One time the malware slithers into your WhatsApp, information technology letters your contacts in order to steal their private data for nefarious purposes.
- Malicious VPNs institute on Google Play Store — delete these Android apps now
- Android 'Arrangement Update' malware can access your WhatsApp messages — beware of this app
- Best VPN services 2022
Flixonline is not legit — it'due south a malware app disguising itself equally Netflix
Cheque Point Inquiry investigators discovered a malicious app on the Google Play Shop chosen "FlixOnline," which uses Netflix'due south logo to lure users into downloading it. The deceptive app promises users unlimited entertainment from anywhere in the globe, but backside all the smoke and mirrors lies a wormable bug.
"Wormable" means that this malicious bug is designed to hop from one device to another, spreading like wildfire throughout the Android ecosystem. How is this FlixOnline bug wormable? Well, once it is installed, the malware "listens" for new notifications from WhatsApp. It then responds to every WhatsApp message with a canned response crafted past malicious actors.
Here is the script that was sent to victims' contacts: "2 Months of Netflix Premium Gratuitous at no price For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the globe for 60 days. Get it now Here [link redacted]."
The message is meant to lure unsuspecting victims to click on the link, which would pb them to a fake Netflix phishing website. The purpose of this phony website is to bait victims into submitting their credentials and credit card information. The link besides entices targets to download malicious software, which is why it's considered wormable — it could start a chain of malicious downloads from one Android user to another.
"The malware's technique is fairly new and innovative. The technique here is to hijack the connectedness to WhatsApp by capturing notifications, along with the power to take predefined actions, like 'dismiss' or 'answer' via the Notification Managing director," said Aviran Hazum, Managing director of Mobile Intelligence at Check Signal.
Hazum added that it was concerning that FlixOnline was able to bypass the Google Play Store'south security verification process. Google Play Protect is Android'due south born anti-malware tool that is supposed to protect devices from installing malicious apps, but as TechRadar mentioned, information technology performed miserably during Android protection tests. TechRadar challenged Play Protect to detect a slew of malware, but it only detected 37% of them.
Thankfully, after Check Point Research disclosed its findings to Google, FlixOnline was taken down by the search-engine giant. Yet, Hazum warned that it'due south possible that this malware application could pop up with different app proper noun.
How to protect yourself from wormable bugs similar the FlixOnline app
Hazum advises mobile users to be wary of download links and attachments that they receive from WhatsApp and other messaging apps — even when the letters supposedly come from trusted contacts. "If you recollect yous're a victim, I would immediately remove the application from my device, and proceed to alter all my passwords," Hazum said.
Cheque Bespeak Enquiry recommends that users install a security solution on their devices, only download applications from official markets, and ensure apps and devices are up to engagement.
Kimberly Gedeon, holding a Principal's caste in International Journalism, launched her career as a journalist for MadameNoire's concern beat in 2022. She loved translating stuffy stories about the economy, personal finance and investing into digestible, piece of cake-to-understand, entertaining stories for immature women of color. During her time on the business organization beat out, she discovered her passion for tech as she pigeon into articles well-nigh tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. Afterwards viii years of freelancing, dabbling in a myriad of beats, she's finally establish a dwelling house at Laptop Mag that accepts her equally the crypto-fond, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!
Source: https://www.laptopmag.com/news/android-malware-is-hiding-in-fake-netflix-app-and-its-infiltrating-whatsapp-to-steal-your-data
Posted by: brownlizeatied.blogspot.com
0 Response to "Malware is hiding in fake Netflix app — and it infiltrates your WhatsApp messages to steal data | Laptop Mag"
Post a Comment