This App is hacking WhatsApp Account   in the name of giving free  Netflix Subscription

Be careful! This app is hacking WhatsApp account in the name of giving free Netflix subscription

If you’ve downloaded an Android app from the Google Play Store to watch Netflix movies or shows for free, be careful, because it can steal your WhatsApp data! Although very surprising, such shocking information has come up in front of all of us. Researchers at Cyberspace said last Wednesday that they had discovered a bogus service app in the Google Play Store that would allow users to watch Netflix shows and movies on their smartphones for free. But in fact, it keeps an eye on the user’s WhatsApp notifications, as well as automatically replies to incoming messages.

According to Threat Intelligence Firm Checkpoint Research (CPR), the fake app, called FlixOnline, works by connecting to a remote command and control center. This method enables hackers to launch phishing attacks, spread more malware, or steal data from users’ WhatsApp accounts and chats.

When the app is downloaded and installed from the Play Store, the underlying malware launches a service that causes requests for “overlay”, “ignore battery optimization” and “notification” permissions on the device, Checkpoint Research researchers said in a press note. . This allows the malicious app to create new windows on top of other applications, prevent malware from being shut down by the device’s battery optimization routine, and accessing all notifications.

CPR also said that such applications could hack all types of data through auto-reply, as well as cause problems in business chats, and even blackmail users in exchange for sensitive information. As soon as the fake app was discovered, the CPR team immediately reported the matter to tech giant Google. As a result, Google immediately removes this app from the Play Store. This application has already been downloaded about 500 times. CPR states that if a user has downloaded the app, they should immediately remove the app from their device as well as change the device’s password.