New mobile game “Pokemon Go” has become the hottest iPhone and Android game to hit the market in forever with enormous popularity and massive social impact. The app has taken the world by storm since its launch this week but also played a role in armed robberies in Missouri, the discovery of a body in Wyoming and minor injuries to fans distracted by the app and to top it all Malware infected apks too..
Nintendo’s new location-based augmented reality game allows players to catch Pokémon in the real life using their device’s camera and is currently only officially available in the United States, New Zealand, UK and Australia. Five days after its release, the game now is on more Android phones than dating app Tinder, snapchat and its rate of daily active users was neck and neck with social network Twitter, according to analytics firm SimilarWeb.
Due to the huge interest surrounding Pokémon Go, many gaming and tutorial websites have offered tutorials recommending users to download the APK from a non-Google Play link. In order to download the APK, users are required to “side-load” the malicious app by modifying their Android core security settings, allowing their device’s OS to install apps from “untrusted sources.”
It is discovered an infected Android version of the newly released mobile game Pokemon GO . This specific APK was modified to include the malicious remote access tool (RAT) called DroidJack (also known as SandroRAT), which would virtually give an attacker full control over a victim’s phone.
A simple method to check if a device is infected would be to check the installed application’s permissions, which can typically be accessed by first going to Settings -> Apps -> Pokemon GO and then scrolling down to the PERMISSIONS section.
To do so, Go to the Settings → Apps → Pokemon GO and check the game’s permissions.
If you find that the game has asked for permissions like directly call phone numbers, edit and read your SMSes, record audio, read Web history, modify and read your contacts, read and write call logs, and change network connectivity, then you should uninstall the game right away, since it is infected with DroidJack.
Bottom line, just because you can get the latest software on your device does not mean that you should. Instead, downloading available applications from legitimate app stores is the best way to avoid compromising your device and the networks it accesses.