Fake WhatsApp On Google Play Store Downloaded By Over 1 Million Android Users

Flengo

Level 2
Thread author
Verified
Oct 19, 2017
52
Cybercriminals are known to take advantage of everything that's popular among people in order to spread malware, and Google's official Play Store has always proved no less than an excellent place for hackers to get their job done.

Yesterday some users spotted a fake version of the most popular WhatsApp messaging app for Android on the official Google Play Store that has already tricked more than one million users into downloading it.

Dubbed Update WhatsApp Messenger, the app came from a developer who pretended to be the actual WhatsApp service with the developer title "WhatsApp Inc."—the same title the actual WhatsApp messenger uses on Google Play.

You might be wondering how the sneaky app developer was able to use the same title as the legitimate Facebook-owned maker of the messaging client—thanks to a Unicode character space.

The app maker added a Unicode character space after the actual WhatsApp Inc. name, which in computer code reads WhatsApp+Inc%C2%A0.

However, this hidden character space at the end of the WhatsApp Inc. would be easily invisible to an average Android user browsing Google Play Store, allowing this dodgy version of the app to masquerade as a product of WhatsApp Inc.

In other words, the titles used by the fake app maker and the real WhatsApp service are different but appeared the same to a user.

According to Redditors, who first spotted this fake app on Friday, the app was not a chat app; instead, it served Android users with advertisements to download other apps.

"I've also installed the app and decompiled it," one Redditor said. "The app itself has minimal permissions (internet access) but it's basically an ad-loaded wrapper which has some code to download a second apk, also called 'whatsapp.apk.' The app also tries to hide by not having a title and having a blank icon."

Google has now removed the fake WhatsApp Android app from its official Play Store, but this incident once again marked the tech giant's failure to spot the scam on its app platform—even for the program that had more than a million downloads.

It is an unfortunate truth that even after so many efforts by Google (even a recently launched Bug Bounty Program), malicious apps continuously somehow manage to fool its Play Store's security mechanism and infect millions of Android users.

Google Play Store is still surrounded by hundreds of other fake and malicious apps that trick users into downloading and installing them and potentially infect their smartphones to carry out malicious things without their knowledge.

So, users are advised to be more vigilant while downloading apps not only from third-party app stores but also from the official Play Store in order to protect themselves.
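The trailing-character trick described in the article can be caught by comparing publisher names after Unicode normalization. The following is an added example, not part of the original post or of any Play Store tooling; the function names and the `TRUSTED` allowlist are assumptions, and it goes beyond the no-break space case to cover other invisible characters.

```python
import unicodedata
from urllib.parse import unquote_plus

SEPARATORS = {"Zs", "Zl", "Zp"}   # spaces, incl. U+00A0 NO-BREAK SPACE
INVISIBLE = {"Cf", "Cc"}          # zero-width/format and control characters

def hidden_chars(name):
    """List (index, code point, Unicode name) of every separator other
    than ASCII space and every invisible character in a publisher name."""
    return [(i, f"U+{ord(c):04X}", unicodedata.name(c, "UNNAMED"))
            for i, c in enumerate(name)
            if c != " " and unicodedata.category(c) in SEPARATORS | INVISIBLE]

def skeleton(name):
    """Reduce a name to what a user effectively sees: compatibility-fold,
    drop invisible characters and punctuation, collapse spaces, casefold."""
    out = []
    for c in unicodedata.normalize("NFKC", name):
        cat = unicodedata.category(c)
        if cat in INVISIBLE or cat.startswith("P"):
            continue
        out.append(" " if cat in SEPARATORS else c)
    return " ".join("".join(out).split()).casefold()

def check_publisher(name, trusted, url_encoded=False):
    """Classify a publisher name against a list of trusted names."""
    if url_encoded:                      # e.g. taken from a store URL
        name = unquote_plus(name)
    if name in trusted:
        return {"verdict": "exact", "matches": name, "hidden": []}
    for real in trusted:
        if skeleton(name) == skeleton(real):
            return {"verdict": "lookalike", "matches": real,
                    "hidden": hidden_chars(name)}
    return {"verdict": "unknown", "matches": None, "hidden": hidden_chars(name)}

TRUSTED = ["WhatsApp Inc."]              # assumed allowlist for the example

if __name__ == "__main__":
    samples = [("WhatsApp+Inc%C2%A0", True),     # string quoted in the article
               ("WhatsApp Inc.", False),
               ("Whats\u200bApp Inc.", False),   # constructed: zero-width space
               ("Example Dev", False)]           # constructed
    for raw, enc in samples:
        print(repr(raw), check_publisher(raw, TRUSTED, enc))
```

A "lookalike" verdict means the name renders like a trusted publisher but is not byte-identical to it, which is the condition a store listing review or an allowlist check should flag.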
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
-- unbelievable! We are not defended either by Google, or other... What is Google doing with so much money that it has? I guess, then probably the same story is happening in Chrome Web Store, with our beloved extensions - awful!
Indeed, I am very cautious often, seeing dozens of adblock or other very suspicious extensions, which can have the same description, but different names... I've seen this often! Never downloaded these ones!
The bad web is here, not far, so beware!

.. Let's keep our eyes open!

.. and download the security extensions I posted topics in 'Browsers and Extensions' section.


PS. beware - why I see, in the window in your post, this inscription only: "Update Whatsapp Messenger" ??? :eek:
I don't click on this, maybe hacked window ..
 

oneeye

Level 4
Verified
Jul 14, 2014
174
Just one more reason to have extra protection with Mobile Security apps. Sophos is tops in testing, where "Play Protect" came in dead last in recent testing by AV Test.

You would like to think, that with "Bouncer" and "Play Protect" Google would have most badware covered? Ha!
 

ForgottenSeer 58943

Just one more reason to have extra protection with Mobile Security apps. Sophos is tops in testing, where "Play Protect" came in dead last in recent testing by AV Test.

You would like to think, that with "Bouncer" and "Play Protect" Google would have most badware covered? Ha!

Norton Mobile also checks store apps BEFORE you download them, and would have flagged this.
 

oneeye

Level 4
Verified
Jul 14, 2014
174
Norton Mobile also checks store apps BEFORE you download them, and would have flagged this.

Actually, I have Lookout and McAfee running with Sophos as my main Security app. I'm just testing the other two out of curiosity. Since Lookout is installed on every HTC Sprint device I've had, I occasionally turn it back on, to see what improvements have been made. Even though in AV Comparatives they tested poorly over the last few years, they do have some innovative features now. McAfee is a decent app too, in their own right. And, I actually think they have helped my battery use when the device is off, overnight.
 
