Here’s how to check if your Pokemon GO Android app is legitimate

Posted on by

Pokemon DroidJack Uses Side-Load…It’s Super Effective! Backdoored Pokemon GO Android App FoundPokémon

Here’s how to check if your Pokémon GO Android app is legitimate

Pokemon  From the time, Nintendo release the last game of Pokémon GO, which uses augmented reality, the gamers are going crazy. The mobile app is used by players to walk around and collect the popular characters. However, the game is geo-restricted, which means it is not available in all the countries.

As a result, many gamers out of curiosity have already started to search the app outside official app stores. Crooks are using this opportunity to exploit the popularity of the game by spreading a malicious version of the Pokémon GO app that could infect Android mobile devices and install a backdoor to gain complete control over the victim’s smartphone.

The official Pokémon GO app was first launched in Australia and New Zealand on July 4th, and later on July 6th in the U.S., but the malicious app was first uploaded to an online malware detection repository on July 7.

Pokémon

According to a report from security biz Proofpoint, repackaged versions of the game have been found carrying malware dubbed as Threadjack that grants remote-control access of infected devices to crooks. Also, many media outlets have published instructions on how to download the game from a third party.“The augmented reality game was first released in Australia and New Zealand on July 4th and users in other regions quickly clamored for versions for their devices. It was released on July 6th in the US, but the rest of the world will remain tempted to find a copy outside legitimate channels. To that end, a number of publications have provided tutorials for “side-loading” the application on Android. However, as with any apps installed outside of official app stores, users may get more than they bargained for.” reported Proofpoint in a blog post.

In order to install the malicious Pokémon GO app the gamer needs to “side-load” it by disabling an Android security setting.

“Unfortunately, this is an extremely risky practice and can easily lead users to install malicious apps on their own mobile devices,” points out Proofpoint. “Should an individual download an APK from a third party that has been infected with a backdoor, such as the one we discovered, their device would then be compromised.”

For example, the malicious Pokémon GO app requests more permissions than the legitimate one, Proofpoint says.

“Even though this APK has not been observed in the wild, it represents an important proof of concept: namely, that cybercriminals can take advantage of the popularity of applications like Pokémon GO to trick users into installing malware on their devices,” Proofpoint said.

What do I do if my Android smartphone is infected with Threadjack?

At this point, there does not appear to be a fix for the malware. Proofpoint claims the infected APK has not been spotted in the wild

We Provide Following Service In Ethical Hacking
  • Sms / Call Spoofing
  • Android Phone Hacking
  • iPhone Hacking
  • Virus, Trojans, and Backdoors
  • Remote System Hacking
  • Hacking Wifi and Wireless Networks
  • Exploiting Windows and Gaining Access
  • IP and MAC Spoofing
  • Network and Server Hacking
  • Software Cracking
  • Penetration Testing with Kali Linux
  • Metasploit Framework
  • Bypass Anti-Virus System
  • Passwords Cracking
  • Facebook Hacking
  • Email Account Hacking  (Gmail / Yahoo / Hotmail / Webmail etc)
  • Mobile Hacking (Tracking, Tracing, Spying, and Security)
  • Operating System Hacking (Windows, Linux, Mac)
  • Website and Database Hacking

Leave a Reply

Your email address will not be published. Required fields are marked *