It was bound to happen sooner or later. Symantec this week has a blog post here showing the differences between the real Netflix Android app and a fake one that is making its way around the Internet. The fake app is a genuine Trojan that steals your Netflix account credentials, and the two are very hard to tell apart at first glance.
Once a user enters their Netflix account credentials into the malicious app, the credentials are captured and posted to a remote server. The user is then shown a screen claiming the app is incompatible with their hardware and recommending that they install another version. When the user hits the “Cancel” button, the app attempts to uninstall itself. Note the ordering: by the time the app removes itself, the credentials have already left the phone, so the uninstall only removes the evidence.
Part of the problem was that the official Netflix app was initially released early in the year for only a limited number of Android phones. It took until this fall for it to be published to the Android Market with support for more devices. That availability gap gave the Trojan room to thrive by masquerading as the real Netflix app for users whose phones were not yet supported.
The real and fake screenshots shown by Symantec (and excerpted above) are somewhat chilling: at first glance it would be hard to tell the difference between the two. So please be careful when downloading any app for your phone. The icon and the first screen are not enough to go on; check who the listed publisher is on the Android Market entry before you install, and be suspicious of any app that asks for your account password and then tells you it cannot run on your device.