More than one million people this past week have been tricked into downloading a fake Android app that was purporting to be WhatsApp.
On the Play Store, it was called ‘Update WhatsApp’, in its original form the app mimicked the WhatsApp logo and details to trick users into downloading what they thought was an update for the popular messaging app.
This is just the latest in the line of high profile malicious apps to appear on the PlayStore.
This would suggest that these apps aren’t getting the robust scrutiny they should be getting once uploaded onto the PlayStore. Those with such a high number of downloads especially should have been flagged well before a Reddit user posted about the problem on there.
So far it looks like the fake app was merely a vehicle to create advertising revenue. But cyber criminals can use these same techniques of spoofing legitimate apps and sneaking them onto the Play Store to hack those who download these malicious apps.
Google have made improvements in recent years in regard to PlayStore security but there is clearly a long way to go.