More than 1 million Android users have been fooled into downloading a fake Whatsapp application on Google Play due to one character space
An application maker pretended to be the real WhatsApp service and released an app called Update WhatsApp Messenger. However, it cooped the developer title “WhatsApp Inc.” which is exactly the same with the real one, owned by Facebook.
There is only one difference: the app maker added a Unicode character space after the WhatsApp Inc. name. Even though it may not be that obivious in the users’ eyes, in a computer code the difference stands out, as it reads WhatsApp+Inc%C2%A0.
The first to notice the problem were Reddit users on Friday. Apparently, the fake application was not even a chat app, but served users with ads to download other apps. Apparently, it has been downloaded more than 1 million times.
The developer is unknown, but it later changed the name of the app to “Dual Whatsweb Update,” and removed the “WhatsApp Inc.” developer title. Since then, it has been removed from Google Play.
“I can confirm that the app was removed from Google Play and the developer account was suspended for violating our program polices,” a Google spokesperson said Friday.
Fake Android apps are no longer something new and they are often used to spread malware on mobile phones. However, this incident is worrisome due to the fact that Google did not even notice the problem in the first place.