According to reports, a malicious version of the WhatsApp messaging app was downloaded over one million times from Google Play Store before it was taken down.
This is not the first time that Google has had to identify and remove fake apps from the Play Store. In 2015, for example, the firm blocked one program that disguised itself as a battery monitor, and sent premium-rate text messages from people’s phones.
>See also: Severe vulnerability discovered in WhatsApp
This fake app was entitled Update WhatsApp Messenger, and appeared to have been developed by the same firm behind the real application – WhatsApp Inc.
Those who received automatic updates from the real WhatsApp have not been affected.
Those who created this fake app made it look as though the developer behind it was the real WhatsApp Inc. They used the same name, and replaced the space with a character that looks like a space.
This difference would have been near impossible for the average user to notice.
According to a forum on Reddit, the malicious app contained fakes adds and could download software to the users devices who downloaded it; which has security connotations for both personal and work life in the BYOD era.