A fake Android app disguised as an update for the popular messaging platform, WhatsApp, exposed Google’s inability to weed out malware and unwanted content. The fake app, titled “Update WhatsApp Messenger” and developed by “WhatsApp Inc.”, looked pretty much like the real deal – complete with the official images and description.
First spotted by Redditors, the app had been downloaded over a million times. The fake app was loaded with adverts and contained code for downloading additional software. According to Redditors, the app itself had minimal permissions and was an advert-loaded wrapper around the original app, so when someone opened WhatsApp, the app loaded but with adverts on the sides. Apparently the app also tried to hide itself by having no title and a blank icon.
But how did the developers manage to get the app onto the Store unnoticed? The curious minds at Reddit decompiled the fake app and discovered that the developers had used the exact name, “WhatsApp Inc.”, but replaced the space with a special Unicode character that looks like a space.
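A check a store reviewer or an allow-list could run against this trick, as an added example that is not code from Google, WhatsApp or the Reddit thread: it reduces a developer name to a comparison form and reports any space-like or invisible character that makes it differ from a known publisher. The function names, the `KNOWN` list and the sample strings are constructed, and the page does not say which Unicode character the fake listing used.

```python
import unicodedata

KNOWN = ["WhatsApp Inc."]  # constructed allow-list of verified publisher names

def _is_odd_space(ch):
    """True for anything space-like or invisible other than a plain U+0020."""
    cat = unicodedata.category(ch)
    return ch != " " and (cat in ("Zs", "Zl", "Zp", "Cf") or ch.isspace())

def skeleton(name):
    """Comparison form: NFKC, invisible characters dropped, whitespace collapsed, casefolded."""
    out = []
    for ch in unicodedata.normalize("NFKC", name):
        if unicodedata.category(ch) == "Cf":   # zero-width / formatting characters
            continue
        out.append(" " if ch.isspace() or _is_odd_space(ch) else ch)
    return " ".join("".join(out).split()).casefold()

def suspicious_chars(name):
    """(index, code point, Unicode name) for every non-standard space or invisible character."""
    return [(i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED"))
            for i, ch in enumerate(name) if _is_odd_space(ch)]

def check_publisher(candidate, known=KNOWN):
    """Classify a developer name as 'exact', 'lookalike' or 'unknown'."""
    if candidate in known:
        return ("exact", candidate, [])
    skel = skeleton(candidate)
    for k in known:
        if skel == skeleton(k):
            # Renders the same as a verified name but is a different string.
            return ("lookalike", k, suspicious_chars(candidate))
    return ("unknown", None, suspicious_chars(candidate))

if __name__ == "__main__":
    samples = [                      # constructed test names
        "WhatsApp Inc.",             # genuine
        "WhatsApp\u00a0Inc.",        # no-break space instead of U+0020
        "WhatsApp Inc.\u00a0",       # trailing no-break space
        "WhatsApp\u200b Inc.",       # zero-width space inserted
        "Example Dev",               # unrelated publisher
    ]
    for s in samples:
        print(repr(s), "->", check_publisher(s))
```

A byte-for-byte comparison treats every one of the look-alike samples as a distinct, unclaimed name, which is why the comparison has to run on the normalized form.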
Google’s Play Store has a malware protection system called Play Protect. Many wondered why it failed to detect the flaw. According to some Android users, an app “doesn't have to exhibit obvious malware-like behaviour to be malicious”, making Play Protect a silent observer here. The fake app has since been deleted from the Store.