Android users need to be careful while downloading apps. One of the apps was identified as containing malware and targeting the WhatsApp app.
Zdnet reports some ago called the application called Flix Online. The platform promises unlimited entertainment and a premium Netflix subscription for free for two months.
But it turned out to be a hoax. Because after the application is successfully installed on the cellphone, it will immediately ‘listen’ to the conversation on WhatsApp and write an automatic response to incoming messages with malicious content.
When the app is opened, it will ask for overlay permission and battery optimization overrides. This will stop the phone from shutting down apps to save battery.
Flix Online will also ask for permission to grant access to notifications connected to communications via WhatsApp. In addition, the application asks for the ability to reply to chat.
The application will send an automatic response to the victim’s contacts. The following is the content of the message:
“2 Months Free Netflix Premium Subscription* Get Free Netflix Premium Subscription anywhere in the world for 60 days. Get it now at https:// bit[.]ly/3bDmzUw.”
The link at the end of the message will take the victim to a fake Netflix site. This is an attempt to obtain credit card data and victim’s credentials from the web. However, Flix Online also carries the risk of leading users to fraudulent sites and even the presence of other malware.
Last year, Flix Online was reported to have netted 500 victims in two months. There is the potential for malware to reappear.
The app has reportedly been removed from the Google Play Store. WhatsApp has also been aware of this fraudulent campaign.
But WhatsApp reportedly did not take action. The reason is that the vulnerability that Flix Online managed to exploit could not be found in the instant messaging platform.