Malicious applications are regularly found on the Google Play Store. This is the case of this application which imitates the appearance of Netflix to steal personal data and share fake news to your WhatsApp contacts.
On the Play Store, Google’s policy is the opposite of Apple’s. Indeed, since the first steps of the Play Store (Android Market at the time), Google chose a validation a postiori. This policy is less costly for Google, because new applications submitted by developers, but also updates to existing applications, go through some automatic verification process but no verification is performed by a human. Conversely, Apple has a team that checks all applications submitted on its store before making them available.
It is therefore more common for malicious applications to slip through Google’s cracks. Even if the Play Store is considered a safe platform, this does not prevent some unpleasant surprises. Exactly, Check Point Research team detected malicious app on Play Store.
A fake Netflix app
This application has temporarily imitated the product sheet of the official Netflix application, for example by using its icon. Usually, Play Store bots that perform this automatic check can block these kinds of apps. However, this malware found itself available on the Google store.
Once you download this app it obviously asks for system permissions which allows it to trick you. It is, for example, able to automatically reply to incoming messages on WhatsApp. This allows it to launch phishing attacks, to recover access and personal data, but also to disseminate fake news.
Named FlixOnline, this malicious application was online for two months on the Play Store and luckily received very few downloads. Google detected it and was able to automatically remove the app from the phones of those who downloaded it. It can still be found outside the Play Store, it was detected on alternative application stores but also via .APK files shared on the web.
We recommend that you read our essential tips for keeping your devices and data secure. You can, for example, avoid downloading applications from unknown sources. You can also be aware of the permissions requested by the applications, especially if the latter are not essential for the proper functioning of the application in question.