Be careful if you are using WhatsApp, WhatsApp messages can spread Wormable Netflix Malware. Researchers at CheckPoint have discovered a new wormable malware that disguises itself as a Netflix application. It is designed to spread wormable malware via WhatsApp messages.
The malware existed on the FlixOnline app available on the Google Play store. Android users are lured into downloading the app as it promises to offer unlimited entertainment from anywhere in the world. The Netflix logo on the app makes the app look authentic, adding the victim count to its tally.
The victims are helpless once they download the application, the malware, change the permissions of the devices, and enable automatic responses to WhatsApp notifications.
Further, the malware sends automated replies to every message the user receives. This encourages them to stay interested in visiting the fake Netflix site, which is designed to collect unauthorized data which includes log-ins and credit card details.
Users fall for the two months of free Netflix Premium offer sent via WhatsApp message and innocently click the malicious link.
According to Aviran Hazum, the malware uses a new and innovative method to hack users.
The fact that the malware was able to be disguised so easily and ultimately bypass the Play Store’s protections raises some serious red flags. Although we stopped one campaign using this malware, the malware may return hidden in a different app.
Google has already removed the after Checkpoint informed them and has been downloaded around 500 times.
Users should always make it a point to download apps from trusted sites. You should always download a security solution on your smartphone and keep your smartphone software updated to stay clear of such hacking incidents.
Hazum further said “Users should be wary of download links or attachments that they receive via WhatsApp or other messaging apps, even when they appear to come from trusted contacts or messaging groups”
He also advised users, if they think they are a victim, they should remove the application from their devices and change their passwords.