Greedy developers target Android users by creating fake applications to infiltrate Google’s play store. Google has been unable to control such scammers. Several weeks ago, more than one million users downloaded a dummy WhatsApp application. In 2016, many counterfeit Instagram, Facebook and WhatsApp applications were created. Security researchers had warned severally about developers who make fake apps to earn money quickly.
Google removed the new fake WhatsApp and banned its developer. It is reported to be the most downloaded application so far this year. Security experts often reveal how wicked developers succeed in penetrating the rich applications’ market.
Clever Characters’ Usage
Application scammers normally make many WhatsApp copies. Back in 2013, Eleven Paths security firm warned about a WhatsApp replica which had a different adware. It enabled developers to earn from many views and ad clicks. Sergio Los Santos, the firm’s security researcher, claimed that even though Google uses a patented technology, fraudsters have devised techniques to infiltrate their fake apps into the official app market. They are downloaded by many android users.
The commonly used trick by developers entails the use of Unicode characters and blank spaces. It makes their titles and names appear to be genuine. It is a persistent problem that Google faces.
Some researchers have noted that Google is regularly duped with creative characters. In September, Lukas Stefanko, ESET’s security researcher spotted a dummy Instagram app on Google play store. Its developer and application name were similar to that of the real app. However, the fake app developer’s name did not start with a capital letter. It indicated that at the moment, Google doesn’t have icon checks, app or developer names for the latest applications.
Google seems unperturbed by it since shortly after deleting the fake WhatsApp; more applications have been produced by the same developer. Many applications are being uploaded to @GooglePlay. They have false reviews. Developers have limited their apps’ functionality to make them appear as genuine while being scanned by Google’s automated code tools. Los Santos said that from 2013-2015, dummy apps were prominent as they pilfered private information and demanded ransoms. It is a subtle method of earning bucks by deceiving people venturing into the apps play market.
Modern fake apps promote advertising ads and request for simple online donations. It is stated that counterfeit WhatsApp developers have attained more than two million downloads since WhatsApp applications are in high demand in Google play store. Jombang Indonesian regency is accused of creating numerous frauds. Los Santos discovered that they were built within the GMT+7 time zones.
Other Potential Threats
Stefanko is worried about the tech gurus who could take advantage of Google’s security gaps and create dangerous applications. For instance, he once discovered an illegal Facebook Security app that tried to steal users’ logins. However, it was quickly taken down.
Google says that it is inventing smarter technologies to detect false applications on time. However, it still relies on developers and users to verify apps. Some people are concerned about its performance in controlling rogue developers.