This fake Netflix app hijacks your WhatsApp messages

WhatsApp
(Image credit: guteksk7 / Shutterstock)

Security researchers found and reported a new malware on Google’s Play Store that propagates itself through WhatsApp messages. 

Check Point Research (CPR) says the malware was hidden in a fake Netflix application called FlixOnline on the Google Play Store.

“The fact that the malware was able to be disguised so easily and ultimately bypass Play Store’s protections raises some serious red flags. Although we stopped one campaign of the malware, the malware family is likely here to stay. The malware may return hidden in a different app,” says Aviran Hazum, Manager of Mobile Intelligence at Check Point.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

WhatsApp phishing

According to CPR, once installed, the app unleashed the worm-like malware which hijacked connections to WhatsApp in its bid to automatically respond to incoming messages on behalf of its victims. The content of the response was provided by a remote server. 

In the couple of months it stayed on the Play Store, the malware infused FlixOnline app was downloaded about 500 times. CPR says it shared its finding with Google and the malicious app was subsequently taken down. 

Hazrum however doesn’t expect these types of malware to fizzle out anytime soon, since the threat actors have apparently found a way to break through Play Store’s protections.

As a general principle, Hazrum suggests users to not exclusively rely on Play Store’s protections and be “cautious of links and attachments received over WhatsApp or other messaging apps, even when they appear to come from trusted contacts or messaging groups.” 

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Android phone malware
This nasty Android malware is posing as the Telegram Premium app
 In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
malware
Google warns of legit VPN apps being used to infect devices with malware
mobile phone
Popular Android financial help app is actually dangerous malware
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring