Android users, if you ever try to search for the Netflix app in Android Market or any other third party app store, beware that there exists a bogus Netflix app, which you can easily tell apart based on the photo above. What this bogus app does is that it presents itself to the user as a real Netflix app, requiring the user to enter their Netflix login credentials, which it then stores and sends to a server.
At this point in time it appears that this is pretty much all it does. It is unsure why they would even want the user’s credentials since not much can be gleaned by logging into the user’s account, not even credit card information since only the last four digits of the credit card is displayed at all times. It has been suggested that perhaps this is just a trial run by the developers of this bogus app for something a little more malicious in the future, such as bogus mobile banking app.
Symantec seems to think that the reason why this bogus app has been making its round is due to Netflix releasing their official app earlier this year for select Android handsets only, and only recently publishing its app with additional device support. This gap in release, combined with many users interested in getting their hands on the app might have explained the reason why so many people may have fallen prey to this bogus app.