If you have an Android device and you’re something of an app fanatic, you may have been tempted by an app called FlixOnline, which was available on the Google Play Store for a time. The app’s description promises a free trial subscription to Netflix, which naturally prompted many people to download it and give it a try. Unfortunately, instead of giving the promised free Netflix trial, it installed malware on the devices of everyone who decided to give the app a spin.
If you’re one of those, by all means, uninstall the app right away. On installation, the app asks for “Overlay,” “Notification” and “Battery Optimization Ignore” permissions. If you grant those, then it has everything it needs to serve up fake login overlays that lay atop legitimate apps and will invariably cause some people to give their login credentials to the people controlling the app.
If you also have WhatsApp installed, your problems will get even worse, based on research conducted by Check Point.
Here’s what they had to say about it:
“Check Point Research (CPR) recently discovered malware on Google Play hidden in a fake application that is capable of spreading itself via users’ WhatsApp messages. If the user downloaded the fake application and unwittingly granted the malware the appropriate permissions, the malware is capable of automatically replying to victim’s’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This unique method could have enabled threat actors to distribute phishing attacks, spread false information or steal credentials and data from users’ WhatsApp accounts, and more.”
Bottom line: If you’re a WhatsApp user and you also downloaded this app, you’re probably infecting all your contacts with the same malware, or worse.
If you want to double check your phone to make sure it’s not there and uninstall it if it is, just head to “Settings,” then “Apps and Notifications” and “App Info” to be sure you it is completely removed. As an added precaution, be sure you change the passwords of any apps you may have logged into since installing it on your device.
Used with permission from Article Aggregator