WhatsApp has become a household name; it has enabled millions of people from different platforms to communicate with each other. Ill-intentioned developers have realized this and are looking for ways to make a quick cash out of it.
For several days, there has been a fake WhatsApp app called “Update WhatsApp”, it was downloaded more than a million times by unknowing users on Google Play Store. What is most worrying is how the app had a similar logo and developer name as the real thing. Fortunately, the app wasn’t spreading malware or any harmful content, it simply bombarded the user with numerous ads, clicking on the ads makes money for the tricky developer.
Security researchers found out that the fake app was able to bypass Google’s security measures by using blank spaces and Unicodes to make the developer name and titles look like the legitimate ones. Google has already pulled the app from the store and banned the developer. Lukas Stefanko, ESET security researcher, twitted that soon after the fake app was revoked, a slew of new illegitimate ones came in, these new batch even had fake reviews too.
Apparently, this isn’t the first time such a thing is happening, Facebook and Instagram have at one point been victims as well. In the case of Facebook, a security app called “Stay Secure” would pretend to keep your social network safe with the condition that you first key in your Facebook username and password, both of which were stolen.
We can only hope that Google closes all loop holes before financial apps are targeted or other malicious malware gets its way through fake apps.
