‘Pokémon Go’ – The Android Malware Edition

Hackers are already piggybacking off the huge success of the ‘Pokémon Go’ game. The augmented reality mobile game was only released last week but has already found its way onto more than 5% of US smartphones.

Security firm Proofpoint has reported a malicious version of the Pokemon Go app found in the wild.

In this case, Proofpoint researchers discovered an infected Android version of the newly released mobile game Pokemon GO [1]. This specific APK was modified to include the malicious remote access tool (RAT) called DroidJack (also known as SandroRAT), which would virtually give an attacker full control over a victim’s phone.

Hackers are hoping to exploit the limited availability of the game, which is officially available only in the US, Australia and New Zealand. If players from other countries search for the game on APK websites, they might unknowingly download the infected version and put their privacy at risk.

What should you do if you have sideloaded Pokemon Go onto your smartphone from an APK file?

The researchers recommend opening the app’s permissions by going to Settings -> Apps -> Pokemon GO and scrolling down to the Permissions section. The legitimate app WILL NOT have permission to access your SMS messages, Web history and contacts. If you find that Pokemon GO has been granted any of these permissions, uninstall the game immediately – it’s infected!
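
The same check can be run on an APK file before it is installed. The following is an added example, not code from the original post or from Proofpoint: it parses text in the format printed by `aapt dump permissions` and reports any permission in the three categories named above. The mapping of those categories to Android permission names and the sample output are assumptions constructed for this example.

```python
import re

# Categories the article says the legitimate game does not request.
# The concrete permission names per category are this example's assumption.
SUSPICIOUS = {
    "SMS": {"android.permission.READ_SMS",
            "android.permission.RECEIVE_SMS",
            "android.permission.SEND_SMS"},
    "Web history": {"com.android.browser.permission.READ_HISTORY_BOOKMARKS"},
    "Contacts": {"android.permission.READ_CONTACTS",
                 "android.permission.WRITE_CONTACTS"},
}

# aapt prints either  uses-permission: name='X'  or the older  uses-permission: X
PERM_LINE = re.compile(
    r"^\s*uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?")

def parse_permissions(aapt_output):
    """Return the set of permission names found in the aapt text."""
    perms = set()
    for line in aapt_output.splitlines():
        match = PERM_LINE.match(line)
        if match:
            perms.add(match.group(1))
    return perms

def flag_permissions(aapt_output):
    """Return {category: [permissions]} for every category that is requested."""
    requested = parse_permissions(aapt_output)
    return {cat: sorted(requested & names)
            for cat, names in SUSPICIOUS.items() if requested & names}

# Constructed sample output, not taken from a real APK.
SAMPLE_CLEAN = """package: com.example.game
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
uses-permission: name='android.permission.CAMERA'
"""
SAMPLE_SUSPECT = SAMPLE_CLEAN + """\
uses-permission: name='android.permission.READ_SMS'
uses-permission: android.permission.READ_CONTACTS
uses-permission: name='com.android.browser.permission.READ_HISTORY_BOOKMARKS'
"""

if __name__ == "__main__":
    for label, text in (("clean", SAMPLE_CLEAN), ("suspect", SAMPLE_SUSPECT)):
        print(label, flag_permissions(text) or "no flagged permissions")
```

An empty result only means none of these three categories is requested; it does not prove that an APK is the unmodified original.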

UPDATE: privacy concerns for Pokémon Go players on iOS have been proven wrong.
