It has recently been reported that over one million people have been scammed into downloading a fake version of WhatsApp.
The app, called “Update WhatsApp Messenger”, had been disguised to look just like the real deal.
Those who download the ‘update’ are then bombarded with adverts encouraging them to download other suspect programs.
The fake software is very convincing with the only noticeable different being the name, the layout and everything else is very, very similar. In fact, it was also noted by one Reddit user that in the Google Play Store the update included the official WhatsApp logo and had a high user rating of 4.2 stars.
Hacker News reported that the scammers had managed to pull off the trick by including invisible Unicode – “WhatsApp+Inc%C2%A0”.
The app has now been removed by Google, but Reddit users, dextersgenius, who downloaded it explained what happened.
“The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘whatsapp.apk’,” he said.
“The app also tries to hide itself by not having a title and having a blank icon.”
Not surprisingly there has been a lot of alarm bells ringing, simply by the fact that over one million people were able to download the dodgy app. All Android users place their faith in the
Play Store and trust that all apps downloaded are safe. The company claims to protect against “fake and malicious” apps but clearly their system isn’t foolproof.
Last week, another fake WhatsApp app made it onto Google Play, masquerading as the upcoming Business app.