What You Should Know About This Malware That Mimics the Netflix App

Binge-watching hours of one’s favorite programs on Netflix has become a signature form of escapism over the course of the COVID-19 pandemic. The streaming service especially saw sharp increases in subscriptions during the early days of the global health crisis.

Given Netflix’s popularity, it shouldn’t be a surprise that cybercriminals have taken advantage of the fact that it is one of the most sought after mobile and smart TV apps. In recent months, a sneaky new malware that looks a lot like the Netflix app — complete with signature red “N” logo — has been found on the Google Play Store, reports Tech Times. If you already downloaded this app, cybersecurity experts urge you to delete it now.

The app is known as FlixOnline and presents the tantalizing offer of two months of free premium Netflix access. Security blog Check Point Research explains the malware found in this fake app spreads itself by way of users’ WhatsApp messages.

“If the user downloaded the fake application and unwittingly granted the malware the appropriate permissions, the malware is capable of automatically replying to victim’s’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This unique method could have enabled threat actors to distribute phishing attacks, spread false information or steal credentials and data from users’ WhatsApp accounts, and more,” the blog reports.

To lure unsuspecting victims, the malware will send this message: “2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE [with a corresponding link]”

Google already removed the app from its store, but for some people the damage might have already been done.

FlixOnline was downloaded about 500 times over two months and there’s a chance you might have it on your device and be unaware it contains malware, writes tech blogger Kim Komando. If you think you have this malicious app on your device, make sure you delete it immediately and promptly change all your saved online account passwords.

Deleting an Android device app is simple. Komando says you just must go to the Google Play Store icon, head to “Menu” and then “My apps & games” and then choose “Uninstall” for this specific app.

When purchasing and downloading apps, be sure to be vigilant. It isn’t hard for cybercriminals to create “fake” apps that look a lot like the ones you normally use. As always, please adhere to good, common sense cybersecurity practices. Don’t share personal or financial information with an unknown third party, and be sure to create unique, hacker-proof passwords for all your accounts.

Published by Peter Cavicchia

Peter Cavicchia is a retired U.S. Secret Service Senior Executive, now Chairman of the security consulting firm Strategic Services International LLC. https://petecavicchia.com/

%d bloggers like this: