Over one million Android users unknowingly downloaded a fake version of the popular WhatsApp messaging service from the Google Play Store.
Disguised as an “update,” the app was designed to look nearly identical to the official version, and claimed to be developed by “WhatsApp Inc.”
Over the weekend, however, several users on Reddit flagged the deceptive app, warning others that it was designed to serve users ads prompting them to download other apps.
“The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called ‘whatsapp.apk,’” explained one Reddit user with the handle dextersgenius.
“The app also tries to hide itself by not having a title and having a blank icon,” added the Reddit user.
The phony app was downloaded at least one million times before it was removed from the Google Play Store.
“I can confirm that the app was removed from Google Play and the developer account was suspended for violating our program policies,” said a Google spokesperson on Friday.
In this instance, the fraudsters’ intention was to generate advertising revenue, but experts warn that the same technique can be used to distribute more harmful malware that compromises victims’ devices and steals the personal information stored on them.
As always, users are advised to review apps carefully before downloading, including reading user reviews and checking the requested permissions.
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Maritza Santillan. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/fake-whatsapp-google-play/