Last week, an official-looking version of the popular WhatsApp messaging application for Android appeared on the Google Play Store, and more than one million users were tricked into downloading the fake app.
According to a recent report from the BBC, redditors discovered that a fake WhatsApp program available in Google Play was downloaded more than 1 million times before Google took it down.
The app, which was officially known as Update WhatsApp Messenger, had the same look and feel as the real Facebook-owned WhatsApp, and its developer even chose the name “WhatsApp Inc.” to make people think it was a legitimate program.
It turns out the cybercriminal used some Unicode trickery to make it appear authentic. As you can see in the app details captured in the screenshots below, the scam artist added an invisible space character to the actual company name: “WhatsApp+Inc%C2%A0.”
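The check below is an added example, not code from the article or from Google: it URL-decodes a developer name, reports any invisible or non-ASCII space characters in it, and flags names that collapse to a trusted publisher once those characters are removed. In the string quoted above, `%C2%A0` is the URL-encoded UTF-8 form of U+00A0 (no-break space); the allow-list and the function names are assumptions made for the illustration.

```python
import unicodedata
from urllib.parse import unquote_plus

# Assumed allow-list of publisher names to protect (constructed for this example).
TRUSTED_PUBLISHERS = {"WhatsApp Inc."}

# Unicode general categories that render as blank space or as nothing at all.
BLANK_CATEGORIES = {"Zs", "Zl", "Zp", "Cf", "Cc"}


def hidden_characters(name):
    """Return (index, code point, Unicode name) for every blank-rendering
    character in a display name other than the ordinary ASCII space."""
    found = []
    for i, ch in enumerate(name):
        if ch != " " and unicodedata.category(ch) in BLANK_CATEGORIES:
            found.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED")))
    return found


def skeleton(name):
    """Comparison form: NFKC-normalize, drop all spaces and invisible
    characters, then case-fold."""
    folded = unicodedata.normalize("NFKC", name)
    visible = (ch for ch in folded
               if unicodedata.category(ch) not in BLANK_CATEGORIES)
    return "".join(visible).casefold()


def check_publisher(url_encoded_name):
    """Classify a developer name as it appears in a store URL parameter."""
    raw = unquote_plus(url_encoded_name)  # '+' becomes a space, %XX is UTF-8
    trusted_skeletons = {skeleton(t) for t in TRUSTED_PUBLISHERS}
    if raw in TRUSTED_PUBLISHERS:
        verdict = "exact-match"
    elif skeleton(raw) in trusted_skeletons:
        verdict = "lookalike"  # same visible text, different bytes
    else:
        verdict = "unrelated"
    return {"raw": raw, "hidden": hidden_characters(raw), "verdict": verdict}


if __name__ == "__main__":
    # Name string as quoted in the article, plus the genuine form.
    for sample in ("WhatsApp+Inc%C2%A0.", "WhatsApp+Inc."):
        print(sample, "->", check_publisher(sample))
```

A "lookalike" verdict means the name displays like a trusted publisher but is a different string, which is the condition the fake listing relied on.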
The rogue software looks very much like the real thing, and installing it will run the real Android WhatsApp client, but with advertising plastered around it.
A Redditor named DexterGenius first spotted the discrepancy and decompiled the download code to find out what it really did. “The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘,'” DexterGenius wrote. “The app also tries to hide itself by not having a title and having a blank icon.”
Facebook’s WhatsApp is one of the most popular chatting applications in the world, allowing users to send everything from text and video to audio to others. WhatsApp also includes encryption technology to allow users to communicate with other people without worrying too much about an unauthorized person peering in to see what the discussion is about.