Beware: There’s A Malware Version Of Pokemon Go Out In The Wild
It’s fair to say that Pokémon Go has been something of a revelation in its fairly short time in existence. The augmented reality game for iOS and Android allows players to thrust themselves into a Pokémon world where they are tasked with capturing, training and battling virtual Pokémon that are located within the real world.
The game has only been officially available in select counties, meaning that excited gamers in as yet unreleased territories are taking to downloading the APK from file-sharing websites and side-loading it onto their Android devices.
Researchers at Proofpoint have discovered that those users could be getting more than they anticipated with the unofficial install.
Researchers from the firm are warning that unofficial installs of a Pokémon Go APK for Android devices downloaded from certain file-sharing sites could result in the unwanted installation of the already-known DroidJack malware. The research team from Proofpoint have managed to find an APK version that’s becoming increasingly popular and is carrying the aforementioned remote-access exploit known as DroidJack.
This isn’t a new strain of malware, it’s been known to Symantec since 2014 who at the time of discovery described it as a “Trojan horse for Android devices that opens a back door on the compromised device and also steals information.”
Android devices around the world may be keen to get in on the Pokémon Go phenomenon, but it really can’t be worth potentially opening the device up to malicious attackers risking the massive loss of secure and sensitive information from the smartphone or tablet. It is however worth noting that if you live in one of the currently supported territories, and have downloaded the game officially from the Google Play Store, then you are entirely safe. The officially uploaded version of the Pokémon Go game contains no malware.
The research team who found the latest instance of DroidJack have stipulated that they are yet to actually see an episode of its existence in the wild on a real device, but have discovered the malware embedded in an APK file hosted on a known malicious repository. As part of its write up on the subject, Proofpoint has also outlined its belief that installation of an infected APK would allow attackers to “completely compromise a mobile device”, and that it would also put shared network resources at risk if brought into a corporate networked environment.
The advice here is to curb that Pokémon Go enthusiasm and wait until the official experience is launched in your territory.