By | November 9, 2017

 

Once again, crooks have exploited Google’s official Play Store as a repository for malicious apps. This time a fake version of WhatsApp was used to infect over a million users who downloaded it.

Reddit users spotted a fake version of the popular WhatsApp messaging app for Android on the official Google Play Store that has already tricked more than one million users into downloading it.

Dubbed Update WhatsApp Messenger, the app came from a developer who pretended to be the actual WhatsApp service by using the developer title “WhatsApp Inc.”, the same title the actual WhatsApp messenger uses on Google Play.

The Reddit user DexterGenius decompiled the fake WhatsApp version and discovered that it is an ad-loaded wrapper that includes code to download a second APK.

“Yep, also confirmed by long-pressing the link in a browser. I’ve also installed the app and decompiled it,” reported DexterGenius. “The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘whatsapp.apk.’ The app also tries to hide itself by not having a title and having a blank icon.”

Google has now removed the fake WhatsApp Android app from its official Play Store, but this incident once again marked the tech giant’s failure to spot the scam on its app platform—even for the program that had more than a million downloads.