February 1, 2017

Fake Netflix app is actually ransomware

News Threats

People are downloading a new app, looking to get free access to Netflix accounts. What they’re actually getting is a malware strain called Netix that encrypts users’ data and demands $100 in bitcoins to unlock their files.

Fake Netflix app is actually ransomware

The program, called “Netflix Login Generator” is downloaded by users looking to gain access to Netflix without paying. The app purportedly has leaked Netflix accounts, which users can use to access the streaming service for free. In reality, all it does is provide fake account credentials that don’t work.

Once installed, the app shows you what looks like a login-password pair generator, but that’s just a distraction; it’s actually busy encrypting your data. Once it’s finished with that, up pops a ransom note.

Silver lining

Losing access to your personal photos, videos, and documents is terrible, but there is one small bit of good news: The current version of the app (version 1.1) encrypts only certain file types (see below), and it also targets only the C:/user directory. Other types of ransomware can be much more thorough when encrypting.


.ai, .asp, .aspx, .avi, .bmp, .csv, .doc, .docx, .epub, .flp, .flv, .gif, .html, .itdb, .itl, .jpg, .m4a, .mdb, .mkv, .mp3, .mp4, .mpeg, .odt, .pdf, .php, .png, .ppt, .pptx, .psd, .py, .rar, .sql, .txt, .wma, .wmv, .xls, .xlsx, .xml, .zip

Also, in an odd twist, this malware affects users running Windows 7 and 10 only; users running XP and Windows 8 shouldn’t be affected (yet).

That’s not to say the authors won’t update the malicious app in the future, but for now, if you are infected and your files are backed up on a separate, external drive, you shouldn’t have to worry too much.

The moral of the story

Like all such stories, this one comes with a few life lessons. First, if something sounds too good to be true (e.g., free access to Netflix), it probably is. Second, make regular backups of your precious data. Last but certainly not least, install antivirus protection — with ours, the first 30 days are free.