Did you download this fake ad-infected WhatsApp from the Google Play Store?

By Mark Austin Published November 16, 2017

Last week, an official-looking version of the popular WhatsApp messaging application for Android appeared on the Google Play Store, and more than one million users were tricked into downloading the fake app. The “Update WhatsApp Messenger” download page even appeared to come from the actual creators, as it included the real developer’s title “WhatsApp Inc.” How could something malicious have fooled so many users?

It turns out the cybercriminal used some Unicode trickery to make it appear authentic. As you can see in the app details captured in the screenshots above from The Hacker News, the scam artist added an invisible character space in the actual company name: “WhatsApp+Inc%C2%A0.”

Recommended Videos

Although it looks very much like the real thing, installing the rogue software will run the real Android WhatsApp client, but with advertising plastered around it.

A Redditor named DexterGenius first spotted the discrepancy and decompiled the download code to find out what it really did. “The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘whatsapp.apk.,’ DexterGenius wrote. “The app also tries to hide itself by not having a title and having a blank icon.”

The scam app has now been removed from the official Google Play Store, but it’s curious how it ended up there in the first place, as it would lead users to think they’re downloading a legitimate app directly from a Facebook-owned property.

Google has recently been making efforts to remove “zombie apps” from its Play Store, and has even deployed AI algorithms to detect potential infections with its Play Protect system. Still, the ongoing presence of malware and adware on the service remains a real concern.

When asked for comment on the fake WhatsApp download, Google told The Register it was “looking into the matter.”

Even when downloading or updating from a trusted source such as the Google Play Store, it pays to be vigilant. Malware on mobile devices has seen a sharp increase lately, and Google may soon be introducing a “panic button” feature than can get you out of a jam if you inadvertently download the wrong thing.

Former Digital Trends Contributor

Mark’s first encounter with high-tech was a TRS-80. He spent 20 years working for Nintendo and Xbox as a writer and…

Topics

Mobile

iPhone now lets you make WhatsApp your default for messages and calls, here’s how

iPhone users can now get setup so that WhatsApp is their default messaging and calling app.

If your iPhone is updated to iOS 18.2 then the functionality is already available for you right now.

Mobile

WhatsApp’s prepping a new photo collage feature for status updates

WhatsApp app icon appearing on a phone.

WhatsApp is developing a new feature for sharing stories called collage photos. As reported by Android Authority, this feature aims to enhance the clarity and effectiveness of status updates.

Found in WhatsApp version 2.25.8.5, the collage photos feature includes a Layout button that appears when you attempt to post a media status. From this button, you can attach up to six photos arranged in various grid options. Additionally, you have the ability to reposition images within the layout to suit your preferences.

Mobile

WhatsApp makes move to cut the number of spam messages you get

Are you tired of seeing spam messages and getting notifications about being added to random chat groups from people you don't know? WhatsApp is working to limit the amount of spam messages you receive.

According to a report from TechCrunch, the chat platform announced on Tuesday that it will be testing monthly limits on the number of broadcast messages from both individual and business accounts in the coming weeks as part of an effort to reduce the amount of spam you'll get from those accounts whether you follow them or not. However, it's not entirely clear how many limits there will be.