The cheap messaging service WhatsApp is so popular that over a million people have downloaded a fake update for it from Google Play.
A Reddit user named E_x_Lnc first noticed the extremely suspicious app, available for download under the title “Update WhatsApp Messenger,” according to Mashable. To be fair, the fake is extremely convincing. It was even originally listed as being sold by WhatsApp Inc.
Redditors helped figure out that the phony Developer name was made by using a special Unicode character called a “Space.” It’s not exactly something the average user can check while downloading apps, but it also fooled Google Play. Reddit user megared17 discovered and took a screenshot of the subtle difference.
“Fake WhatsApp Update on #GooglePlay. Under the "same" dev name. Incl. a Unicode whitespace. One Million downloads https://t.co/qjqxd6n6HP pic.twitter.com/dmvTksqpuP” — Nikolaos Chrysaidos (@virqdroid) 3 November 2017
[Screenshots: Real / Fake]
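The developer-name trick described above can be caught mechanically by comparing what a name looks like rather than its raw characters. The following Python sketch is an added example, not code from the article, Reddit or Google Play; the function names and sample strings are constructed for illustration, and U+00A0 is an assumed stand-in because the article does not say which whitespace character was used.

```python
import unicodedata

# Publisher names to protect (the real name is taken from the article).
PROTECTED = ["WhatsApp Inc."]

# Unicode general categories that render as blank or as nothing at all:
# Zs = space separators, Zl/Zp = line/paragraph separators,
# Cf = format characters (zero-width space etc.), Cc = control characters.
INVISIBLE_CATEGORIES = {"Zs", "Zl", "Zp", "Cf", "Cc"}


def invisible_chars(name):
    """Return (index, codepoint, Unicode name) for every blank or invisible
    character in `name` other than the ordinary ASCII space U+0020."""
    hits = []
    for i, ch in enumerate(name):
        if ch != " " and unicodedata.category(ch) in INVISIBLE_CATEGORIES:
            hits.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, "<unnamed>")))
    return hits


def skeleton(name):
    """Reduce a name to what a user effectively sees: compatibility-normalise,
    drop invisible characters, collapse runs of spaces, and case-fold."""
    name = unicodedata.normalize("NFKC", name)
    visible = "".join(
        " " if unicodedata.category(ch) in {"Zs", "Zl", "Zp"} else ch
        for ch in name
        if unicodedata.category(ch) not in {"Cf", "Cc"}
    )
    return " ".join(visible.split()).casefold()


def check_publisher(name, protected=PROTECTED):
    """Classify a submitted developer name against the protected list."""
    for real in protected:
        if name == real:
            return ("exact", real, [])
        if skeleton(name) == skeleton(real):
            return ("lookalike", real, invisible_chars(name))
    return ("unrelated", None, invisible_chars(name))


if __name__ == "__main__":
    # Constructed samples: the second ends in U+00A0 (no-break space).
    for sample in ["WhatsApp Inc.", "WhatsApp Inc.\u00a0", "Live Update Apps"]:
        print(repr(sample), check_publisher(sample))
```

A "lookalike" result means the name renders the same as a protected publisher but is not byte-for-byte identical, which is the condition a store listing review or an allow-list check should reject.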
Then /u/dextersgenius analyzed what this malicious app is trying to do: basically, to infiltrate your phone, spam you with ads, and make itself hard to detect and delete:
I’ve also installed the app and decompiled it. The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called “whatsapp.apk”. The app also tries to hide itself by not having a title and having a blank icon.
It appears that someone at Google Play has noticed the scam (or the Reddit thread), and the Developer is now listed as Live Update Apps.
And there will be plenty of people who hit download without even double-checking the Developer name either. It’s a scary world out there, folks. If you’re not inclined to double check an app before downloading, you may want to try regular texting.