When it comes to its streaming video service, Netflix can be access by any number of devices and software programs. That includes the official Netflix app for Android-based smartphones. But it looks like a person has now created a malicious Android app that's made to look much like the real one. The PC security software company Symantec has sent out an alert to this fake app which it calls Android.Fakeneflic.
As you can see in the picture above, the user interface for Android.Fakeneflic closely resembles the real Netflix Android program and could easily be downloaded and installed by an unsuspecting Android smartphone user. Symantec's alert says, "The malicious app is not too difficult to understand. Despite the fact that there are multiple permissions being requested at the time of installation – identical to the permissions required by the actual app – our analysis shows that this is, in fact, a red herring, probably used to add to the illusion that the end user is dealing with the genuine article."
The goal of Android.Fakeneflic is apparently to record the Netflix user name and password of the affected Netflix subscriber and send that information to a remote server, although Symantec's alert claims that server doesn't appear to be online at the moment. It adds, "Once a user has clicked on the 'Sign in' button, they are presented with a screen indicating incompatibility with the current hardware and a recommendation to install another version of the app in order to resolve the issue. There is no attempt to automatically download the recommended solution." The alert doesn't say if the fake Netflix app is available on the Android Marketplace or if it is found on a third party app store.
Image via Symatec