A week ago, an official version of famous application WhatsApp messaging application for Android flashed Google Play Store and more than ten lakh visitors managed into downloading the fake app. The “Update WhatsApp Messenger” download page even flashed to come from the original makers, as it involved the real developer’s title “WhatsApp Inc.”
It shows that the cyber criminal implemented some Unicode method to make it visiblly similar. The screenshot was taken from The Hacker News shows the app details. The Hacker News, the scammer added an invisible character space in the actual company name: “WhatsApp+Inc%C2%A0.”o make it.
In reality, it was similar to the original application, installing the rogue software will play the real Android WhatsApp client, but with advertising flashing around it.
A Redditor named Dexter Genius first spotted the difference and recompiled the download code to find what it actually did.
“The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘whatsapp.apk.,’ Dexter Genius wrote. “The app also tries to hide itself by not having a title and having a blank icon.”
When asked for comment on the fake WhatsApp download, Google told The Register it was “looking into the matter.”
Even when downloading or updating the software from a trusted medium like the Google Play Store, it depicts to be watchful.
Even when downloading or updating from a trusted source such as the Google Play Store, it pays to be vigilant. Bad-natured on mobile devices has increased hugely, and Google may soon be implementing a “panic button” feature that can get you out of a jam if you accidentally download the wrong thing.
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
http://laughingcolours.com/beware-fake-adinfected-whatsapp-google-play-store-check-details-52297/