Beware of This Fake WhatsApp App on Google Play Store

The popularity of the cheap messaging service WhatsApp is so great that over a million people have downloaded fake updates for it from Google Play.

According to Mashable, Reddit user E_x_Lnc was the first to spot an extremely suspicious downloadable app called Update WhatsApp Messenger. In all fairness, the fake is extremely convincing. It was originally even listed as being sold by WhatsApp Inc.

Redditors helped to figure out that the fake Developer name was created using a Unicode special character called “Space”. It’s not exactly what the average user can check when downloading apps, but it also tricked Google Play. Reddit user megared17 found a slight difference and took a screenshot.

Real

Fake

Then / u / dextersgenius analyzed what this malicious application was trying to do; mainly to sneak onto your phone, spam you with ads and make it undetectable for removal:

I also installed the application and decompiled it. The app itself has minimum permissions (internet access), but it is basically an adware shell that has the code to download the second apk , also called “whatsapp.apk”.

The app also tries to hide without a title and a blank icon.

It looks like someone on Google Play noticed a scam (or a Reddit thread) and the developer is now listed as Live Update Apps.

However, people were quick to point out that this is an extremely common problem that Google Play hasn’t found a solution to.

And there will be a lot of people who will click on download without even double checking the developer’s name. This is a terrible world, guys. If you’re not inclined to double-check the app before downloading, you can try plain text messages.

More…

Leave a Reply