Netflix for Android users are exposed to a very low risk Trojan that dupes them into installing a fake version of the app, which steals user information, Symantec said.
Netflix's (NASDAQ:NFLX) staggered launch of its mobile application for Google (NASDAQ:GOOG) Android handsets provided the perfect cover for a new Trojan to attack unsuspecting users, according to security power Symantec (NASDAQ:SYMC).
The malware at issue, dubbed Android.Fakeneflic and classified as "very low risk" by Symantec, is a "text-book case of an information stealing Trojan that targets account information," said Symantec security engineer Irfan Asrar.
As textbook as the Trojan might be, it's one that seems possible only within the Android ecosystem, where some third-party companies launch Android apps on some devices before others due to compatibility and security issues.
That's what happened with Netflix.
Netflix rolled out its Android app to let users take their streaming movies and TV shows on the go, starting with only five handsets in May: the HTC Incredible with Android 2.2, HTC Nexus One with Android 2.2 and 2.3, the HTC Evo 4G with Android 2.2, the HTC G2 with Android 2.2 and the Samsung Nexus S with Android 2.3.
Netflix Product Manager Roma De said Android's rapid adoption and evolution made it challenging to build a streaming video application because there just isn't a digital rights management (DRM) standard for secure, streaming playback that Netflix can adhere to for rolling out its application to every Android phone. The Netflix for Android app finally rolled out on all Froyo and Gingerbread handsets in September.
However, that gap in availability, combined with strong interest from users attempting to get the popular service running on their Android devices, created the perfect cover for Android.Fakeneflic to exploit, as developers tried to port pirated copies of the app to run on handsets Netflix did not officially support.
The Trojan requests multiple permissions at the time of installation, which are identical to the permissions required by the official Netflix app. Asrar said the app is largely just a splash screen followed by a log-in screen where user information is captured and posted to a server. Fortunately, that server appears to be offline.
Still, users need to be sure not to download any funky Netflix apps not vetted by the Android Market or Netflix itself.
Symantec's discovery earlier this week comes during the U.S.-based National Cyber Security Awareness Month.
"One highly visible concern that makes this year different from previous years is the triple-digit growth rates that are being reported across the board by every antivirus vendor when it comes to threats discovered that target mobile devices," Asrar said.
Clearly, mobile devices -- smartphones and tablets -- are increasingly replacing PCs as the ideal attack vectors for malware perpetrators.