We have received a new malicous Android malware which look alike a genuine Netflix application, and which is used to steal the Netflix account information.
This is a classic case of trojanzied malware wherein the fake application which is very much identical to the genuine application and which lures the users to enter the Netflicx account information; even the permission required by the fake application are also identical with the genuine Netflick application.
After installation of the application it asks the user to enter the Nerflix account information such as Email Id and the password.This information is captured and send to the remote server, which at the time of the writing the blog is down.Once the information is entered it presents the user with the screen indicating the incompatibility with their hardware and a recommendation to install another version of the application.
Icon of the application
The account credential screen
Code for sending the information to remote server
Thanks Sandip for analyzing the sample. Quick Heal Mobile Security detects the file as Android.Fakeneflic.A.
Users are advised to install the apps from trusted sites only.
Leave a reply
