Hi Guys,

We have just been made aware of another version of wormable malware currently spreading through WhatsApp. Once infected, the malware spreads via the victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to download a malicious version of the Netflix app called “FlixOnline”

Here is an example of how it works:

  • You send a message to a friend on WhatsApp
  • You get a response from them with a link to download the bogus Netflix app.
  • When you click on the link, you are taken to a lookalike Google Play Store website.
  • When you install the fake app, you are installing malware.
  • Once infected, the malware will be able to do the following:
    • Read your WhatsApp messages with a view to extorting you.
    • Read your notifications
    • Draw over other apps (used to steal your login credentials and additional sensitive information.
    • Spread itself to your contacts by automatically replying to any messages you receive with a malicious page link. Because this is wormable malware it can spread very fast, like a wildfire.

How to protect yourself:

  • Do not click on any links to an app called “FlixOnline”
  • If you do get any messages asking you to install this app let us know so we can try and track where it came from.
  • Only install apps from an official app store such as the Google Play Store.
  • Do not install any app from a link sent to you unless you are sure it is a legitimate link. Call the person who sent it and ask them to confirm that they sent it.

If you are not sure about anything just let me know and I can check.

Thanks and talk soon.

Max Roberts,
Incognito Privacy Care Team

Don’t forget we are now on Twitter and Facebook! Be sure to follow us for security tips and all the latest privacy news.