- Advertisement -

    Android Malware Using Fake App to Spread Via WhatsApp Discovered on Google Play: Check Point Research


    - Ad Keep reading below -
    A new Android malware has been discovered that existed as an app on Google Play and is claimed to spread via WhatsApp conversations. Called FlixOnline, the app pretended to allow users to view global Netflix content. It was, however, designed to monitor the user’s WhatsApp notifications and send automatic replies to their incoming messages with the content it receives from the hacker. Google pulled the app immediately from the Play store after the company was reached out to. However, it was downloaded hundreds of times before it got removed.

    Researchers at threat intelligence firm Check Point Research discovered the FlixOnline app on Google Play. When the app is downloaded from the Play store and installed, the underlying malware starts a service that requests “Overlay,” “Battery Optimisation Ignore,” and “Notification” permissions, the researchers said in a press note.

    The purpose of obtaining those permissions is believed to allow the malicious app to create new windows on top of other apps, stop the malware from being shut down by the device’s battery optimisation routine, and gain access to all notifications.

    ALSO READ  Nokia Bluetooth Headset T2000, True Wireless Earphones ANC T3110 Launched in India by Flipkart
    - Ad Keep reading below -

    Instead of enabling any legitimate service, the FlixOnline app monitors the user’s WhatsApp notifications and sends an auto-reply message to all WhatsApp conversations that lures victims with free access to Netflix. The message also contains a link that could allow hackers to gain user information.

    ALSO READ  Amazfit GTS 2 mini Gets Amazon Alexa Update With Voice Control in India

    The “wormable” malware, which means that it can spread by itself, could spread further via malicious links and could even extort users by threatening to send sensitive WhatsApp data or conversations to all their contacts.

    - Ad Keep reading below -

    Check Point Research notified Google about the existence of the FlixOnline app and the details of its research. Google quickly removed the app from the Play store upon receiving the details. However, the researchers found that the app was downloaded nearly 500 times over the course of two months, before it went offline.

    The researchers also believe that while the particular app in question was removed from Google Play after it was reported, the malware could return through another similar app in the future.

    ALSO READ  Amazfit GTS 2 mini Gets Amazon Alexa Update With Voice Control in India

    “The fact that the malware was able to be disguised so easily and ultimately bypass Play Store’s protections raises some serious red flags. Although we stopped one campaign of the malware, the malware family is likely here to stay. The malware may return hidden in a different app,” said Aviran Hazum, Manager of Mobile Intelligence at Check Point, in a prepared quote.

    ALSO READ  Realme Narzo 30 India Launch Teased, Company Asks Fans to Choose Box Design

    The affected users are advised to remove the malicious app from their device and change their passwords.

    - Ad Keep reading below -

    It is important to note while the malware variant available through the FlixOnline app was designed to spread via WhatsApp, the instant messaging app doesn’t include any particular loophole that allowed the circulation of malicious content. Instead, the researchers found that it was Google Play that wasn’t able to restrict access to the app at first glance — despite using a mix of automated tools and preloaded protections including Play Protect.

    What is the best phone under Rs. 15,000 in India right now? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 27:54), we speak to OK Computer creators Neil Pagedar and Pooja Shetty. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.

    - read any article below now-

    Latest news

    Osinbajo presides as FEC honours late Mahmud Tukur

    Job Opportunities at Tanga-UWASA- Customer Service Assistant


    Leaving Cert student not appealing calculated grades ruling

    A student’s decision not to appeal the High Court’s rejection of his lead challenge to the calculated grades model for the Leaving Cert 2020...
    - Advertisement -

    You might also likeRELATED
    Recommended to you

    - Advertisement -