News Karnataka
Thursday, April 18 2024
News Karnataka
Cricket
Trending :
Singapore’s Changi Loses ‘Best Airport’ Title to Qatar
Telangana School Attacked Over Saffron Attire Issue
PC Mohan: Building a Better Bengaluru Central
Google Announces More Layoffs, Moves Some Roles to India in Major Rejig
Massive Storm Strikes Dubai, Disrupts Entire City
Science & Technology

Android app offering free Netflix may steal your WhatsApp data

Wednesday, April 7th, 2021 at 7:58 PM
Photo Credit :

New Delhi: Cybersecurity researchers said on Wednesday that they have discovered a fake service app on Google Play Store that offers users view Netflix on their smartphones for free, while monitoring their WhatsApp notifications and sending automatic replies to incoming messages.

Named ‘FlixOnline’, the hackers distributed the malware via malicious auto-replies to incoming WhatsApp messages, using payloads received from a remote command and control (C&C) server, according to the team from Check Point Research (CPR).

By replying to incoming WhatsApp messages, this method could enable a hacker to distribute phishing attacks, spread further malware, or spread false information or steal credentials and data from users’ WhatsApp account and conversations, they warned.

“This ‘wormable’ Android malware features innovative and dangerous new techniques for spreading itself, and for manipulating or stealing data from trusted applications such as WhatsApp,” the cybersecurity researchers said.

“It highlights that users should be wary of download links or attachments that they receive via WhatsApp or other messaging apps, even when they appear to come from trusted contacts or messaging groups,” they warned.

A threat actor could perform a wide range of malicious activities like spreading further malware via malicious links, stealing data from users’ WhatsApp accounts and spreading fake or malicious messages to users’ WhatsApp contacts and groups.

When the application is downloaded from the Play Store and installed, the malware starts a service that requests ‘Overlay’, ‘Battery Optimization Ignore’, and ‘Notification’ permissions.

If these permissions are granted, the malware then has everything it needs to start distributing its malicious payloads and responding to incoming WhatsApp messages with auto-generated replies.

“Theoretically, though these auto-generated replies, a hacker can steal data, cause business interruptions on work-related chat groups, and even extortion by sending sensitive data to all the users contacts,” the team noted.

The researchers notified Google about the malicious application and the details of its research and the tech giant quickly removed the application from the Play Store.

Over the course of two months, the FlixOnline app was downloaded approximately 500 times.

“If a user was infected, they should remove the application from their device, and change their passwords,” the researchers said.

Share this:
IANS

Read More Articles
Download News Karnataka App for latest Karnataka News for Kannadigas across the globe.
MANY DROPS MAKE AN OCEAN
CLICK HERE to Know More
Support NewsKarnataka's quality independent journalism with a small contribution.
CLICK HERE to Subscribe Now

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Nktv
Recent News
Rahul Gandhi Praises Congress Workers as Backbone, DNA

Delhi
Singapore’s Changi Loses ‘Best Airport’ Title to Qatar

World
Can the Semiconductor Industry Cope with Climate Change?

Industry
Woman Accused of Wheeling Dead ‘uncle’ into Bank to Sign Loan

World
Editor's Pick
St Anna Ward at Paldane Church Celebrates Ward Day
16-04-2024, 4:01 PM Community
Priestly Ordination of 3 Deacons Held at Rosario Cathedral
12-04-2024, 10:50 AM Community
St Lawrence Church and Shrine, Bondel holds Vojem Utsav 2024
11-04-2024, 10:31 AM Community
Nktv Live

To get the latest news on WhatsApp

Click Here