Scammers tricked over 1 million Android users into downloading a fake version of the popular messaging app WhatsApp pretending to be the official one. The app, now deleted, was called “Update WhatsApp” available on official Google Play Store.
After being exposed, the developer of the fake app tried to trick users once again by renaming it to “Dual Whatsweb Update” before it was booted off from the Play Store. The app was exposed by a Reddit user who conducted a thorough research and indicated that millions of Android users were tricked into downloaded the malicious app.
A look at the app’s cache version shows it had 1,000,000 to 5,000,000 downloads while in the review section users complained that the app is fake and spamming their devices with ads. However, it also had 4,462 five star ratings which indicate that users should never trust an app’s rating.
Although the app has been removed, it is unclear if it infected users with malware or only generated ads through spam. It, however, shows that Android users do not pay attention while downloading an app. That is why cybercriminals and scammers are always successful in targeting Android-based smartphones with malware and other online scams.
As for WhatsApp, this is not the first time when attackers have used the popular messaging app for malicious purposes. Previously, WhatsApp Gold version scam successfully targeted masses along with WhatsApp banking malware that infected Android devices to steal credit card and personal data.
As for Google Play Store’s security, nothing is shocking about a malicious app on Play Store. In fact, the Store is home to tons of malware infected and phony apps targeting users on daily bases. Therefore, Android users are urged not to download unnecessary apps from third-party websites or Google Play Store. Be vigilant and use a reliable mobile security product.
