We have received a new malicous Android malware which looks like a genuine Netflix application and which can be used to steal Netflix account information.
This is a classic case of trojanzied malware wherein the fake application, which is identical to the genuine application, lures users to enter their Netflix account information. Even the permissions required by the fake application are identical to the permissions required by a genuine Netflix application.
After installation, the application asks the user to enter their Netflix account information along with their email ID and password. This information is captured and sent to a remote server. Once the information is entered, it presents the user with a screen indicating an incompatibility with their hardware and a recommendation to install another version of the application.
Icon of the application:
The account credentials screen:
Code for sending the information to remote server:
Thanks Sandip for analyzing the sample. Quick Heal Mobile Security detects the file as Android.Fakeneflic.A.
Users are advised to install applications from trusted sites only.