Fraudulent WhatsApp Chat Application Discovered in Google Play Store
A malicious app designed to mimic the popular chat messaging application WhatsApp was available for download in the Google Play Store late last week. It has since been removed, but not before it was downloaded by over a million unsuspecting Android users. The copycat app, named Update WhatsApp Messenger, was designed to trick users into thinking they were downloading an update for the legitimate WhatsApp messaging application. Once downloaded, however, the app installed adware to generate revenue for the developer through advertisements. While this is not the first time a fraudulent and malicious app has made its way into an official app store, this attempt was one of the most successful, highlighting the need for additional scrutiny by those who download and review new applications for mobile devices. The NJCCIC recommends all users who downloaded the fraudulent WhatsApp messaging application uninstall it immediately and ensure their mobile device software is up-to-date. Although we recommend never downloading apps from third-party sources, we also want to remind mobile device users to exercise caution even when downloading apps from official app stores, as these marketplaces have been increasingly targeted by these types of campaigns.