Google removes malware that can read your WhatsApp messages and spreads using the ‘reply’ feature | Mobile News

Google removes malware that can read your WhatsApp messages and spreads using the ‘reply’ feature

The app promised the ability to play Netflix content from around the world. It then tricked users into granting permissions that it requires to work, and starts to spread itself with an ingenious method.

By: HT TECH
| Updated on: Aug 21 2022, 16:16 IST
Icon
The app promises free access to Netflix content. 
The app promises free access to Netflix content.  (Check Point Research)
The app promises free access to Netflix content. 
The app promises free access to Netflix content.  (Check Point Research)

Malware appearing on the Google Play Store is not a new phenomenon and there are regular reports of infected applications acting in malicious ways every once in a while. A new application has appeared on the Google Play Store, which reportedly spreads itself via WhatsApp messages.

According to a recent analysis by Check Point Research, the malware that is spreading through the Play Store is a fake application that masquerades as a Netflix clone. Called FlixOnline, the app promises the ability to play Netflix content from around the world. It then tricks users into granting permissions that it requires to work, and starts to spread itself with an ingenious method.

Also read: A malware masquerading as System Update is attacking Android phones

The app connects to its command and control (C&C) server and then copies itself onto other devices by using the reply feature on WhatsApp messages. The company says that the app could have used the same method to spread further malware via malicious links, or steal data from user's WhatsApp accounts. It could also be used to perform phishing attacks, spread false news and malicious messages. It could also be used to extort users into paying money to prevent the malware from sending their chats to other accounts.

Here's how the FlixOnline app “guides” users into installing the malware. 
Here's how the FlixOnline app “guides” users into installing the malware.  (Check Point Research)
image caption
Here's how the FlixOnline app “guides” users into installing the malware.  (Check Point Research)

The app asks for three main permissions on order to work - ‘Overlay', ‘Battery Optimization Ignore', and ‘Notification' permissions. The overlay permission lets it draw over your existing app and fool the user into entering their credentials in the malicious app. Ignore battery optimisations is a self-protection method to protect it from Android's battery savings. The final ‘Notification' access permission will grant it the ultimate access to every notification and allowing the app to dismiss or reply to a message.

Read more: This dangerous Android malware can steal your banking info, warns CERT-In

Here's an example of the message that was forwarded to other users, also promising them two months of Netflix premium free: “2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE https://bit[.]ly/3bDmzUw.” Users are advised to disregard any such messages they may receive. 

Check Point says that after they disclosed the issue to Google, the company promptly removed it from the Play Store. The company estimates that the FlixOnline app was downloaded five hundred times over a two month period. Users should be aware of malware that can be spread through download links or attachments - even if they come from a trusted contact or a group.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 07 Apr, 17:59 IST
Trending: samsung galaxy s25 ultra leaks roundup: expected specs, camera features and more iphone 14 price drops on amazon: check latest deals and offers iphone se 4 (2024) leaks roundup: here's what to expect iphone 16 launch: apple may finally solve one big camera problem this year in pro series iphone 16 pro to get big ai upgrade with ferret-ui: know what it is infinix note 40 pro series launched in india: check specs, price and more motorola moto g64 5g launch: specifications, features, camera and all details revealed motorola teases flagship smartphone with 125w fast charging ahead of launch event: here what's coming oneplus nord ce4 vs poco x6 pro: which latest smartphone is a better performer under 30000? 5 best smartphones for your eyes: xiaomi 13, honor 90 to motorola edge plus, check list
Home Mobile Mobile News Google removes malware that can read your WhatsApp messages and spreads using the ‘reply’ feature
NEXT ARTICLE BEGINS

Tips & Tricks

WhatsApp banned
WhatsApp banned my number. What’s the solution? Step-by-step guide to ‘unban’ your account
Consider Tonnage
Don't forget these 5 things while buying ACs online
Productivity
Otter AI: How to use this AI meeting assistant app to automatically take notes, transcripts, more
Pixel 8 Pro's Pro
Know how to master Pro Controls on the Google Pixel 8 Pro - check top 4 tips
ChatGPT Plus
How to edit images generated by DALL-E in ChatGPT: Step-by-step guide

Editor’s Pick

Digi Yatra
Digi Yatra users, delete the old app right now- Here’s how to download the new app and use it at airports
iPhone 15
iPhone 16 leaks summarised: Colours, A-series chip and what more to expect from Apple in 2024
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
HDFC Bank alerts about a few common ‘bad habits’ of smartphone users that make it easy for them to fall prey to hacking attempts and scams.
Online scams: 5 habits of smartphone users that make life easy for hackers, warns HDFC Bank
Moto Edge 50 Pro
Motorola Edge 50 Pro review: Should you buy this new AI smartphone under 35,000?

Trending Stories

Dbrand
MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
GTA_6
GTA 6 leaks: What we know so far about Grand Theft Auto 6
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
Google Vids
Google Vids- All details about this new AI video app and how to use it
iPhone 13
Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
keep up with tech

Gaming

Sony PS5 Pro leaked specs confirmed: This is what to expect from the next PlayStation 5 launching soon
Sony PS5 Pro leaked specs confirmed: This is what to expect from the next PlayStation 5 launching soon
GTA 6 launch gets new boost: Rockstar Games tells developers to return to office amid backlash
GTA 6 launch gets new boost: Rockstar Games tells developers to return to office amid backlash
Garena Free Fire MAX Redeem Codes for April 16: OB44 update is on the way!
Garena Free Fire MAX Redeem Codes for April 16: OB44 update is on the way!
Garena Free Fire Redeem Codes for April 16
Garena Free Fire Redeem Codes for April 16: Grab exciting rewards from Scar Ring event- Details
GTA 5 tops EU charts
GTA 5 tops EU charts: Ranks among top 10 downloaded PS4 and PS5 games; GTA 6 trailer 2 expected soon

    Trending News

    MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
    Dbrand
    GTA 6 leaks: What we know so far about Grand Theft Auto 6
    GTA_6
    10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
    STScI-01HFQ5YXZ04PF608HQB0KRTF3S
    Google Vids- All details about this new AI video app and how to use it
    Google Vids
    Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
    iPhone 13

    Trending Gadgets

    Mobiles Laptops Tablets