Cybercriminals and hackers never fail to surprise me with their malicious activities. They will use anything popular among people as a medium to spread malware. And things become haunting rather than surprising when you actually see what they can do, such as using a platform like the Google Play Store to get their nasty job done.
A fake WhatsApp app was spotted last week on the official Google Play Store, and it has already fooled more than 1 million users into downloading it.
Named “Update WhatsApp Messenger,” this fake version of the popular app appeared to be developed by the actual creators, with the real developer title “WhatsApp Inc.”, the same title used for the original WhatsApp Messenger on the Google Play Store. But the question is, how did they do that?
It turns out that the app maker added an invisible Unicode space character after the actual WhatsApp Inc. name. Although it appeared to be the authentic name, in computer code it read “WhatsApp+Inc%C2%A0.”
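One way a store review pipeline or a monitoring script could catch this trick, as an added example that is not from the original article or from Google: decode the developer identifier, list the characters that render as blank or as nothing, and compare a letters-and-digits skeleton of the name against a trusted one. It goes beyond the no-break space (`%C2%A0` is the UTF-8 encoding of U+00A0) to other invisible characters; the function names and the one-entry allow-list are assumptions.

```python
import unicodedata
from urllib.parse import unquote_plus

# Constructed allow-list for the example: the genuine developer title.
TRUSTED = {"WhatsApp Inc."}


def suspicious_chars(name):
    """List characters that display as blank or nothing but are not an ASCII space."""
    hits = []
    for i, ch in enumerate(name):
        cat = unicodedata.category(ch)
        # Zs: space separators (U+00A0 and friends); Cf: zero-width/format
        # characters; Cc: controls; Zl/Zp: line and paragraph separators.
        if (cat == "Zs" and ch != " ") or cat in ("Cf", "Cc", "Zl", "Zp"):
            hits.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED")))
    return hits


def skeleton(name):
    """Fold compatibility forms and case, then keep only letters and digits."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(c for c in folded if c.isalnum())


def check_developer(url_id, trusted=TRUSTED):
    """Classify a URL-encoded developer id against the trusted names."""
    name = unquote_plus(url_id)  # '+' becomes a space, %XX bytes decode as UTF-8
    if name in trusted:
        return "exact-match", []
    hits = suspicious_chars(name)
    if any(skeleton(name) == skeleton(t) for t in trusted):
        # Same visible letters as a trusted name, different underlying bytes.
        return "impersonation", hits
    return "unrelated", hits


if __name__ == "__main__":
    # First id is the string as printed in the article; the others are constructed.
    for dev in ("WhatsApp+Inc%C2%A0.", "WhatsApp+Inc.", "WhatsApp%E2%80%8B+Inc."):
        print(dev, "->", check_developer(dev))
```

This check does not catch look-alike letters borrowed from other scripts; those need a confusables mapping in addition to the normalization shown here.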
Although it looks very much like the original, the fake WhatsApp is no chat app; instead, it is full of advertisements to download other apps.
“I’ve also installed the app and decompiled it,” said one Redditor named DexterGenius who first spotted this fake app. “The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘whatsapp.apk.’ The app also tries to hide by not having a title and having a blank icon.”
Well, the good news is that Google has removed this fake WhatsApp from the official Google Play Store. The tech giant has already taken some actions to remove “zombie apps” from the Play Store. But how this malicious app ended up there in the first place is still a big concern. This incident is a warning that even if you’re downloading apps from a trusted place like the Play Store, you may not be safe at all.