WhatsApp is one of the most downloaded apps in the world. Almost every other smartphone user has the Facebook-owned messaging app installed on their phone. However, being one of the most popular apps has its disadvantages. There are numerous lookalikes lurking on the Internet and one of these fake WhatsApp versions is a malicious app that can take control of a user's personal data.
The fake WhatsApp version called 'WhatsApp Plus' has been spotted online. This particular app has the potential to gain access to users' personal information, according to a report by anti-malware software maker Malwarebytes Lab.
The dubious app is no longer listed in Google Play Store. However, a link to the .apk of the app is still being circulated through spam messages.
The WhatsApp Plus app has been classified as a variant of a fake WhatsApp Riskware that was discovered last year.
How to recognize the WhatsApp imposter?
The malicious WhatsApp Plus features a gold logo instead of the original green WhatsApp logo. Upon installation, the app prompts a screen with the gold WhatsApp logo in the center with a URL and a handle written inside the logo.
After you click on the 'Agree and Continue,' the app prompts you that the version is outdated and will redirect you to Google Play Store to update with a newer version of the app.
"Please go to Google Play Store to download the latest version," reads the message on the app.
There's also a download option, which takes you to the URL from the gold logo.
Once you click on that, the fake WhatsApp diverts you to a potentially harmful website where the text is in Arabic. The website states the details of the developer of the app and lets you download "Watts Plus Plus WhatsApp."
The app includes several features like hiding received texts, typing a message, reading texts and even hide notifications if you have played a voice clip.
How does the app work?
WhatsApp Plus has been identified as a variant of Android/PUP.Riskware.Wtaspin.GB, which is classified as a Fake Whatsapp Riskware.
Meanwhile, Malwarebytes has not yet revealed exactly how the app works and gathers data.
"No matter the true author or origin of this fake WhatsApp, I suggest sticking with the real WhatsApp on Google Play. Although Google Play has its faults, it is tremendously safer than some of the sources I came across researching this malware," the report concludes.
It's pretty apparent that Google still needs to have better control over malicious apps on its Play Store. The fact that apps like these are still able to make it to Play Store despite the strict guidelines makes Google's security features like Play Protect questionable to some extent.
It is always advisable to download only the genuine apps by verified developers from Play Store and not via some APKs found on certain downloading sites.