Blog

Quick Heal Security Labs
Fake WhatsApp Apps on Google Play – an analysis by Quick Heal Security Labs
November 6, 2017

A couple of fake WhatsApp apps found their way into the Google Play Store. These apps’ pages , names and developer title ‘WhatsApp Inc.’ look similar to the ones of the original WhatsApp app. Quick Heal Security Labs ran an analysis on these apps and this post outlines the results.

 

Original WhatsApp

Original WhatsApp

 

Fake WhatsApp Apps

Fake WhatsApp Apps

Fake app #1. Update WhatsApp Messenger

On Google Play, the app looks like the updated WhatsApp App.

On Google Play, the app looks like the updated WhatsApp App.

Package name: com.kkhkhk.gbkhdamch

This app was found on Google Play with the name ‘Update WhatsApp Messenger’ and Quick Heal Security Labs reported this to Google.

What does it do?
Once installed, the app asks the user to register their phone number and country name and wait for an activation code. But, no such code is received and in between this process, the user is bombarded with advertisements. This clearly shows that the developer’s main aim was to generate ad revenue.

fake-whatsapp2

Current Status: Removed from Google Play.

Fake app #2. WhatsApp Messenger

 

fake-whatsapp-app2

Package name: com.sosso.aoso

This app that masquerades the original WhatsApp app was also reported by Quick Heal Security Labs to Google.

fake-whatsapp3

What does it do?

Once installed, the app asks the user to register with an activation code valid for 12 or 24 months. If the user selects either of the options, the app shows a message that the activation code will be valid for 24 hrs but nothing happens.

Current Status: Removed from Google Play.

Detection
At the time of writing this post, no mobile security solution had detected these fake apps according to VirusTotal (www.virustotal.com).

virustotal2

 

How to stay away from fake apps?

• If you want to update an app, always go to the ‘My apps & games’ section in your Google Play App and tap on ‘update’. That way, you can ensure the update is genuine and not a fake.

• If you are searching for an app on Google Play and multiple, identical apps show up, then visit the app’s official website and compare the information.

• Protect your device with a reliable mobile security app that can prevent fake apps from getting installed on your device.

• Also check for reviews before installing an app. However, note that reviews can be faked too.

 

Acknowledgment

Subject Matter Expert
Anand Kumar Singh| Quick Heal Security Labs

SHARE THIS STORY

Have something to add to this story? Share it in the comments.

Quick Heal Security Labs
About Quick Heal Security Labs
Quick Heal Security Labs is a leading source of threat research, threat intelligence, and cybersecurity. It analyzes data fetched from millions of Quick Heal...
Articles by Quick Heal Security Labs »

No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image