This Fake WhatsApp Has Already Accumulated Over 1 Million Downloads On Google Play


A fake WhatsApp application was downloaded more than 1 million times from Google's Play Store before it was finally removed, and that should serve as a wake-up call that Google needs to do a better job vetting its submissions. In this case, the malicious app slipped through the cracks by spoofing the legitimate version, both in appearance (it initially used the same icon) and the developer field.

The malicious version was spotted by Nikolaos Chrysaidos, a security researcher at Avast, one of the better known antivirus companies (particularly in the realm of free AV). According to Chrysaidos, the fake WhatsApp application was used by its author to generate revenue through ads. For that to be worthwhile, it needed to convince a lot of people into downloading it, and that is where the trickery came into play.
As the Chrysaidos explains, the developer was able to make it look like the fake app was created by developer "WhatsApp Inc" by using a special character that appears as a white space. To the naked eye, it is indistinguishable from the real WhatsApp Inc, which was obviously the intention.

The app was initially called "Update WhatsApp Messenger." It was later changed to "Dual Whatsweb Update" with a new icon before it was pulled from the Play Store, though not before a lot of Android users downloaded and installed it. They can consider themselves lucky that all this one did was attempt to generate ad revenue.

Still, this represents an underlying problem of the Play Store, one that Google has been trying to fix. This is far from the first time a fake and/or malicious app has slipped through the cracks. In 2015, Google had to blocked a malicious app that was disguised as a battery monitor and sent text messages to premium rate phone numbers. And just last month, Chrysaidos called to attention a fake Facebook Messenger app that racked up more than 10 million downloads.