FlixOnline, an Android application that promised free Netflix, delivered only malware


So-called hacking apps have been around for years – and they have probably gained popularity since covid-19 put us all endlessly on the couch, phone in hand, waiting for a reason (which never comes) to stop streaming.

Well, not all hacking apps have your content viewing interests in mind. Let me give you an example: it’s called “FlixOnline”. Until recently, this app was in the Google Play Store, promising users free mobile access to Netflix from anywhere in the world, even if they didn’t have an account. Sounds too good to be true, right?

Yes, well, exactly.

FlixOnline, discovered by the security company Check Point Research, never let users watch hits like Breaking Bad or anything else. Instead, the researchers say, it delivered a self-replicating worm to their devices, of a type that hackers could use in phishing and data theft operations.

According to researchers, the wormable Flix malware gets into a phone by abusing its permissions, then uses a victim’s WhatsApp conversations to spread. As soon as you download it, Flix asks for access to a variety of device controls. It then hijacks your WhatsApp and uses it to send spam messages to people who send you messages. For example, if your friend sends you “Hey dude, whaddup”, Flix will automatically reply to them in secret, sending them a very subtle advertisement for its fake services:

“2 months of free Netflix Premium free of charge FOR THE QUANTITY OF CROWN (CORONA VIRUS)* Get 2 months of free Netflix Premium anywhere in the world for 60 days. Get it HERE now” [insert malicious link].

If your friend, lost in a fog of confusion – puzzled by the fact that their friend of many years turned into a Netflix robot shill overnight – happens to click on the link provided, they will be directed to a website where they can download the application, and the malware replicates again. Researchers say the site could easily serve as a way for hackers to steal a victim’s personal information. In reality, it’s hard to imagine that most people are, say, gullible enough to follow the last step, but then again, “123456” remains a popular password.

So, voila! It’s like a moral lesson about the evils of piracy, wrapped in a very, very stupid app – an app that does nothing but hijack your conversations with friends and loved ones to make your own existence useless.

Of course, the access provided by an application like this means that a bad actor could certainly abuse it to do more than send annoying messages (such as stealing your private information and leaving you stuck in a potential extortion scheme). In addition, if the messages sent to the victim’s contacts were changed to something other than a Netflix ad, or additional malicious links were added to the hijacked WhatsApp messages, a person could have a mess on their hands. So it is not only an annoying application, but also a potentially dangerous one.

Perhaps the worst thing here is that Flix was in the Play Store for about two months, compromising about 500 devices, according to Check Point (the app has since been removed). It’s another great example of how Google hasn’t always done an amazing job when it comes to removing the bad apps distributed on its platform.

“The fact that the malware could be disguised so easily and eventually bypass the Play Store protections raises some serious red flags,” said Aviran Hazum, mobile information manager at Check Point. He added that while this specific malware campaign has been stopped, the same malware could be deployed again through another fake application. So … be careful out there, pirate friends. Remember: there is no free content.
