Researchers discover malware app that tricks users into downloading it
A malicious app masquerading as Pokemon Go could give hackers full access to victims’ phones, security researchers have discovered.
Pokemon Go is an augmented reality smartphone game, based on the popular Nintendo property, that lets users collect Pokemon based on their physical location.
Experts from Proofpoint discovered a Pokemon Go APK containing the DroidJack remote access kit on VirusTotal, a repository for malware and compromised apps.
Pokemon Go has reached the top of the App Store charts in the US, and has generated widespread attention. However, it is still unavailable in territories including Europe.
This has led some users to install an unofficial version of the app via a process known as ‘side-loading’. This involves installing apps from sources other than the Google Play store, a practice that can infect your phone with malware.
“Installing apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable,” the company wrote in a blog post.
“Official and enterprise app stores have procedures and algorithms for vetting the security of mobile applications, while side-loading apps from other, often questionable sources, exposes users and their mobile devices to a variety of malware.”
Although Proofpoint has yet to observe the malicious version of the app in the wild, the company noted that it was still a significant discovery.
“It represents an important proof of concept, namely, that cybercriminals can take advantage of the popularity of applications like Pokemon Go to trick users into installing malware on their devices,” Proofpoint said.
“Bottom line, just because you can get the latest software on your device does not mean that you should.”