Cybercriminals are known to take advantage of everything that's popular among people in order to spread malware, and Google's official Play Store has always proved no less than an excellent place for hackers to get their job done.
the recent past more or less users speckled a fake account of the a good number trendy WhatsApp messaging app for smart phones on the legitimate Google play-store that has before now tricked additional than one million users into downloading it.
Dubbed renew WhatsApp Messenger, came from an app developer who pretended to be the definite WhatsApp once-over with the developer title "WhatsApp Inc."—the same title that authenticate WhatsApp courier uses on Google Play-store.
You might be wondering how the sneaky app developer was able to use the same title as the legitimate Facebook-owned maker of the messaging client—thanks to a Unicode character space.
The app maker added a Unicode character space after the actual WhatsApp Inc. name, which in computer code reads WhatsApp+Inc%C2%A0.
However, this hidden character space at the end of the WhatsApp Inc. would be easily invisible to an average Android user browsing Google Play Store, allowing this dodgy version of the app to masquerade as a product of WhatsApp Inc.
In other words, the titles used by the fake app maker and real WhatsApp service are different but appeared same to a user.
According to Redditors, who first spotted this fake app on Friday, the app was not a chat app; instead, it served Android users with advertisements to download other apps.
"I've also installed the app and decompiled it," one Redditor said . "The app itself has minimal permissions (internet access) but it's basically an ad-loaded wrapper which has some code to download a second apk, also called 'whatsapp.apk.' The app also tries to hide by not having a title and having a blank icon."
Google has promptly disinterested the fake WhatsApp messaging app from its representative authorized Store, but this clash some time ago over again perceptible the tech giant's closure to place the con on its app platform—even for the encode that had added than a million downloads.
It is an adverse precision that drawn after subsequently loads of hard work by Google (even a moment ago launched irritate prize plan ), malicious apps ad infinitum by hook or by crook managed to fool its play store protection machine and infect millions of smart phone users.
Google play stock up is quiet surrounded by hundreds of other fake and malicious apps that scam users into downloading and installing them and potentially infect their smartphones to move out malicious equipment without their knowledge.
So, users are advised to be more vigilant while downloading apps not only from the third-party app store but also from official Play Store in order to protect themselves.