A fake version of the messaging app "What's App" appeared in the Google PlayStore. As much as Google has tried to prevent malware from being uploaded to its official Play mobile application store, the company has kept tripping up—with almost alarming regularity in recent months. The fake app was downloaded at least 1 million times over the past few days before Google removed it Sunday after learning of the issue from Reddit readers. The ad serving application was disguised to appear like a WhatsApp update and was one of several fake WhatsApp versions that users have reported finding on Google Play in recent days. On Nov. 5 a security researcher from Avast Antivirus posted a screen shot on Twitter of what appeared to be icons for as many as eight fake WhatsApp versions on Google Play.
In the latest incident, the developers simply used what are known as Unicode characters and blank spaces to fool Google Play's name check systems into believing the fake application was genuine. The developer was basically able to sneak the fake software into Play simply by making it appear that the app had the identical name and icon and was from the same developer as the real WhatsApp app. In this particular case, the rogue application was relatively benign since it just served up advertising, but the outcome could have been different if the payload had been more dangerous. In its statement, Google said all apps submitted to Google Play are automatically scanned for potentially malicious code. The company also has a new app review process to catch policy offenders earlier in the process, the company said. "But as we continue to make improvements to our review system, we still rely on the community of users and developers to flag apps for additional review."
Credits:
http://www.eweek.com/security/fake-whatapp-update-for-android-dodges-google-play-vetting-process
No comments:
Post a Comment