An Android malware app from the Play Store has been downloaded over 500 times over the course of two months before Google had to take it down.
People found a new Android malware available as an application on the Google Play store that is alleged to reach everyone’s phone through WhatsApp chats. The application name is FlixOnline, which is created to let users access international Netflix content.
The application’s work is to control and watch the people’s WhatsApp notifications and send automated responses to their messages with the content it takes from the hacker. Google removed the application instantly from the Play Store after the firm came to know about this.
However, the record shows thousands of people already have downloaded the app before Google sort this out. Experts at Check Point Research found the FlixOnline app was available on Google Play.
FlixOnline: Malware-laced app on Google Play
The researchers at Check Point Research said in a press announcement that when someone downloaded the app from the Play Store and installed it, the malware begins a setting that demands “Overlay,” “Notification,” and “Battery Optimisation Ignore,” authorities.
The prospect of getting those permits allows the wicked app to prevent the malware from being shut down. The device’s battery optimization system causes such restrictions, which achieves access to all background notifications.
— Es Geeks (@EsGeeks) April 7, 2021
The FlixOnline controls the WhatsApp notifications that pop on the top and deliver an automated reply to all WhatsApp chats. It attracts people with a free way to Netflix content. The response also has a link that could get information about the user.
This could even force users to send sensitive WhatsApp conversations or pictures to all their phone connections.
Check Point Research informed Google about the occurrence of such a malware-contained app and its research details. After getting to know about this, Google immediately pushed the Play store’s app.
Google pulled the malicious app
“The evidence that the malware was worthy of being hidden so easily and eventually neglect Play Store’s safety protections. Even though we closed one malware attack, its malware family is possible to sojourn.”
Google and the researchers advise the victims to remove such app from their devices. Also asked to change passwords for every essential site and mails.
It is vital to remark that while the malware modification is open in the FlixOnline app. The reason for creating such an application is to deliver malware via WhatsApp. The ready-to-use messaging app doesn’t cover any particular aperture that allowed the sending of malware content.
The experts found that Google Play could not limit access to the app at first glance. Notwithstanding using a blend of automatic tools and has default safeguards, including Play Protect.
Image courtesy of Velian Speaks Tech/YouTube Screenshot