Can you spot the fake app? Fake app on the left. Official app on the right
Last weekend it was revealed that over one million Android users downloaded a fake version of the messaging app, WhatsApp, from the official Play Store.
The imitation dubbed ‘Update WhatsApp Messenger”, was convincing enough to encourage users to install the update without suspecting a thing. Instead, people were unknowingly infecting their phones and tablets with malicious software, packed to the brim with adware.
The fake app was unveiled when a curious victim of the attack dug a little deeper and flagged the app to fellow Redditors.The Reddit user ‘DexterGenius’ decompiled the fake WhatsApp version and discovered it was an ad-loaded wrapper which included the code to download a second apk.
After being exposed, the developer, or developers of the fake app attempted to trick people once again, by renaming it “Dual Whatsweb Update”. Thankfully, it was booted off from the Play Store before it could strike again.
How to spot a fake app
The reason this imitation app was so believable, is it challenged our preconceived notions of fake applications. Firstly, we’re often told to look out for reviews. If they’re plentiful and favorable, then surely the app in question is legit, right? Think again.
Scammers chasing a quick buck might not go to the trouble of sourcing fake reviews, knowing their application only has a finite lifespan before it’s likely to be flagged and removed. ‘Update WhatsApp Messenger” however, boasted over 4,000 five-star reviews, showing this operation was more sophisticated than most.
Secondly, we’re always warned to do a little research and look out for the developer’s name before installing any new application. On this occasion, the only distinguishing factor between the real developer name and the scammers was a space after ‘WhatsApp Inc.’ Due to the white background and convincing branding, this is extremely difficult for the eye to spot at first, or even with a second glance.
It’s unfortunate that even after so many efforts by Google to prevent malicious apps from making their way onto the Play Store (like with the latest Bug Bounty Program launch), apps like these still manage to slip through the net.
Fake apps, real consequences
This is by no means the first time that a fake or malicious app has been spotted on the Play Store and it definitely won’t be the last. Earlier this year Google revealed that two million users had fallen victim to malware hidden in over 40 fake companion guide apps for popular mobile games, such as Pokémon Go and FIFA Mobile. This issue isn’t confined to Android either – Apple users have also been targeted.
As we’ve seen, scams are growing increasingly sophisticated and the consequences for an enterprise can be devastating. It only takes one infected device to open the floodgates to a high-level data leak within an organization. Clearly, this puts more than just individuals at risk.
Therefore, it’s imperative that organizations invest in a security solution that gives them full visibility into what applications are being used within their mobile fleets.
Introducing Wandera App Insights
Worry not; Wandera has a solution and it’s called App Insights.
App Insights begins by delivering a comprehensive list of apps that are being used across the mobile device estate, complete with the number of devices the application is installed on, versioning details, and additional metadata. This is exactly the kind of information your IT team need to make informed decisions over which apps are safe for corporate use.
The report also provides a complete security assessment for each app. This includes an analysis of the permissions requested and the network resources accessed by the app. If a member of your team is running an older version of an app that has since been fixed, App Insights can flag this for you.
These are important indicators of app security, and admins can use these insights to ensure that only the latest, most secure apps are installed across the fleet.
In the case of the ‘Update WhatsApp Messenger’, the fake app asked for more invasive permissions than the official application; which led to its eventual demise. With App Insights, these incidents can be contained and prevented, before corporate data is put at risk.
App Insights is just one element of Wandera’s multi-faceted security solution. It works alongside continuous app scans to identify ‘leaky apps’ across a network. Wandera employs a range of advanced machine learning techniques to detect anomalies, and to identify any vulnerabilities that could lead to a data leak.
If you’d like more information about how Wandera’s solution can help fight against the fakes and increase visibility across the mobile estate, make an appointment with a mobility expert.