Security researchers founded a wormable Android malware which is downloadable from the official play store and having the capabilities of spreading through WhatsApp messages.
The malware was spotted as a rouge Netflix application which is named as FlixOnline. Once the malware executes then it starts spreading through an automatic reply to the victim’s incoming WhatsApp messages and containing the payload which further executed the command-and-control server.
The entire application is designed to track the user’s WhatsApp notification and sending automatic replies to the user’s messages with the help of content that was sent over the command-and-control server.
However, the malware technique is updated and innovative. The technique is to capture the connection with the help of WhatsApp through notifications and the malware also able to predefined the actions that include dismiss and reply button through the notification manager.
The application is plugged and downloaded from the Play Store, and they are targeting more than 500 downloads in two months. These attacks permitted the attackers while spreading the malicious links and steal the data from the user’s WhatsApp accounts, and transfer the malicious messages to the users with the help of WhatsApp contacts and groups or they will also threaten the users by leaking the sensitive WhatsApp data or conversations.
Whereas, FixOnline is marked as the second application that was caught while penetrating the WhatsApp messages and transmitting the malware. Whereas, in January 2021 the security researcher also discovered a fraud Huawei Mobile application that was created and used while deploying the same type of wormable attack.
Meanwhile, the previous attack is also requesting the users while opening the same applications and demanding the permissions of accessing the application and it will help the while providing the better functionality.
Summering Up
The experts state this malware can infect the users so easily and also it overlaps the Play Store protections while initiating some serious red flags. They also stopped another malware campaign and the malware family is likely here to stay while they may return the hidden applications.
Experts also advised the users to download the links or attachments that they receive through WhatsApp or other messaging applications that are appeared to be connected with the trusted contacts or with messaging groups.
