Piracy apps for illegally streaming the latest movies and TV shows have been around for quite some time, but with the onset of Covid-19, content consumption has surged to an astronomical level, causing a resurgence of even those apps that had been dead for a long time.
But not all piracy apps share the same interest. An Android app named ‘FlixOnline’, which carried the same look and feel as ‘Netflix’, promised a free two-month subscription to the popular streaming app.
However, the app never really allowed users to binge-watch their favorite TV shows. Instead, the app was a super malware spreader, designed to monitor the user’s WhatsApp notifications, which could allow hackers to distribute phishing attacks and carry out data-theft operations.
When users installed the FlixOnline app from the Play Store, it chiefly asked for three types of permissions: screen overlay, ignoring battery optimization, and notification access. Security firm Check Point Research noted that the ‘overlay’ permission is used to create fake logins and steal victims’ credentials by drawing fake windows on top of existing apps.
And when granted notification access, the app hijacks your WhatsApp and secretly auto-replies with a subtle advertisement, even to your mom who just wants to know if you had dinner. It looked like this:
“2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE [followed by a malicious link].”
Users who clicked the link attached at the end of the message were directed to a website where they could download the app. Researchers said that the site was a phishing page built to collect users’ information.
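The three capabilities described above can be checked statically before an app is allowed onto a managed device. The following is an added example, not code from Check Point Research or the original article; it assumes the APK manifest has already been decoded to text XML (for example with apktool), and the sample manifests and package names are constructed.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
BATTERY = "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
BIND_LISTENER = "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"
LISTENER_ACTION = "android.service.notification.NotificationListenerService"

def audit_manifest(xml_text):
    """Report which of the three capabilities a decoded manifest declares."""
    root = ET.fromstring(xml_text)
    requested = {p.get(A + "name") for p in root.iter("uses-permission")}
    # Notification access is not a <uses-permission>: it is a <service> guarded
    # by BIND_NOTIFICATION_LISTENER_SERVICE that the user enables in Settings.
    listeners = []
    for svc in root.iter("service"):
        actions = {a.get(A + "name") for a in svc.iter("action")}
        if svc.get(A + "permission") == BIND_LISTENER or LISTENER_ACTION in actions:
            listeners.append(svc.get(A + "name"))
    overlay, battery = OVERLAY in requested, BATTERY in requested
    # Triage heuristic only: the combination warrants review, it is not a verdict.
    return {"overlay": overlay, "battery_exempt": battery,
            "listener_services": listeners,
            "review": overlay and battery and bool(listeners)}

# Constructed sample manifests (not taken from any real app).
SUSPECT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed.streaming">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"/>
  <application>
    <service android:name=".NotifyService"
        android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE">
      <intent-filter>
        <action android:name="android.service.notification.NotificationListenerService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed.player">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application><service android:name=".PlaybackService"/></application>
</manifest>"""

if __name__ == "__main__":
    for label, doc in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, audit_manifest(doc))
```

Legitimate apps also use each of these capabilities on their own, so the `review` flag is a prompt to look closer at an app that claims to be a streaming client, not proof of malice.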
The app was lurking in the Google Play Store until the tech giant decided to remove the fake Netflix app. The good thing is that the FlixOnline app was only downloaded over 500 times over the course of two months. However, if you happen to be one of the few who’ve fallen for the trap, be sure to uninstall it and remove all related files from your smartphone.
Apps and websites masquerading as other popular brands are a common means employed by hackers to steal your bank details and take over your phone. In fact, Netflix was one of the most imitated brands in phishing attacks in Q1 2020.