<p>Thanks to the Covid-19 induced pandemic and the eventual roll-out of social distancing protocol to curb the spread of the infection, more and more people are embracing digital life. Now, online classes and work-from-home have become the new normal.</p>.<p>Also, most people get tired of working for long hours and try to binge-watch movies and TV series OTT (Over-The-Top) apps such as Amazon Prime Video, Netflix, and others to refresh their minds. Now, reports have emerged that bad actors have devised a cunning method of duping naive users to install fake OTT apps and steal their sensitive details.</p>.<p>Cyber experts at Check Point Research have detected the malicious app FlixOnline on Google Play Store. The malicious app's typeface and user interface look strikingly similar to Netflix. This is a ploy to deceive the gullible users into installing the application.</p>.<p>What's strange is that the FlixOnline was being marketed through WhatsApp messages. Hackers used to send the app's Google Play Store link to random users with lucrative offers including two months free Netflix subscription.</p>.<p>“2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE (URL has been removed for safety purpose),” reads the message</p>.<p>Once installed, it asks the Android phone user to give three key permissions--Overlay’, ‘Battery Optimization Ignore’, and ‘Notification’.</p>.<p>The overlay permission will allow the app to create a fake login screen on any app and when the user is asked to type in credentials, the malicious app steals the information. Secondly, the battery optimization ignore permission will allow the app to work in the background even if the user hasn't opened it for a long time.</p>.<p>And the 'Notification' access permission will allow the fake Netflix app to screen all texts and contents not just on standard Android phone message app, but also others including</p>.<p>WhatsApp. It can even initiate the conversation with strangers or even friends without the mobile owner ever knowing about this.</p>.<p>This is a very serious threat to the user's personal information on the phone and the app can overtake the device.</p>.<p>As per the report, around 500 people had installed the malicious app. CheckPoint Research was able to detect early and notified Google. The latter has removed the FlixOnlie app from the Play Store.</p>.<p>Users have been warned not to install apps created by unknown publishers. Make it a practice to see through the reviews written by previous users of the app on the Play store. There, we are certain to get tell-tale signs that if the app is trustworthy or not.</p>.<p>Also, go to the publisher's website link provided on the Play store to get to know the co-founders who created the app.</p>.<p><strong>Must read |</strong> <a href="https://www.deccanherald.com/business/technology/hackers-use-linkedin-with-fake-job-offers-as-bait-to-prey-on-users-971531.html" target="_blank">Hackers use LinkedIn with fake job offers as bait to prey on users</a></p>.<p><em>Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on <a href="https://www.deccanherald.com/tag/dh-tech?_ga=2.210580691.73733284.1595225125-1706599323.1592232366" target="_blank">DH Tech</a>.</em></p>
<p>Thanks to the Covid-19 induced pandemic and the eventual roll-out of social distancing protocol to curb the spread of the infection, more and more people are embracing digital life. Now, online classes and work-from-home have become the new normal.</p>.<p>Also, most people get tired of working for long hours and try to binge-watch movies and TV series OTT (Over-The-Top) apps such as Amazon Prime Video, Netflix, and others to refresh their minds. Now, reports have emerged that bad actors have devised a cunning method of duping naive users to install fake OTT apps and steal their sensitive details.</p>.<p>Cyber experts at Check Point Research have detected the malicious app FlixOnline on Google Play Store. The malicious app's typeface and user interface look strikingly similar to Netflix. This is a ploy to deceive the gullible users into installing the application.</p>.<p>What's strange is that the FlixOnline was being marketed through WhatsApp messages. Hackers used to send the app's Google Play Store link to random users with lucrative offers including two months free Netflix subscription.</p>.<p>“2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE (URL has been removed for safety purpose),” reads the message</p>.<p>Once installed, it asks the Android phone user to give three key permissions--Overlay’, ‘Battery Optimization Ignore’, and ‘Notification’.</p>.<p>The overlay permission will allow the app to create a fake login screen on any app and when the user is asked to type in credentials, the malicious app steals the information. Secondly, the battery optimization ignore permission will allow the app to work in the background even if the user hasn't opened it for a long time.</p>.<p>And the 'Notification' access permission will allow the fake Netflix app to screen all texts and contents not just on standard Android phone message app, but also others including</p>.<p>WhatsApp. It can even initiate the conversation with strangers or even friends without the mobile owner ever knowing about this.</p>.<p>This is a very serious threat to the user's personal information on the phone and the app can overtake the device.</p>.<p>As per the report, around 500 people had installed the malicious app. CheckPoint Research was able to detect early and notified Google. The latter has removed the FlixOnlie app from the Play Store.</p>.<p>Users have been warned not to install apps created by unknown publishers. Make it a practice to see through the reviews written by previous users of the app on the Play store. There, we are certain to get tell-tale signs that if the app is trustworthy or not.</p>.<p>Also, go to the publisher's website link provided on the Play store to get to know the co-founders who created the app.</p>.<p><strong>Must read |</strong> <a href="https://www.deccanherald.com/business/technology/hackers-use-linkedin-with-fake-job-offers-as-bait-to-prey-on-users-971531.html" target="_blank">Hackers use LinkedIn with fake job offers as bait to prey on users</a></p>.<p><em>Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on <a href="https://www.deccanherald.com/tag/dh-tech?_ga=2.210580691.73733284.1595225125-1706599323.1592232366" target="_blank">DH Tech</a>.</em></p>
.png)