Pokémon GO’s infected version might give hackers a backdoor to your data
With the Pokémon GO mobile game going viral all over the world, even though it has not yet launched globally, people in other countries have start side-loading the app via APK file. And according to security firm Proofpoint, that’s not a good idea.
Proofpoint researchers have discovered an infected Android APK version, which is being circulated in the mix. Pokemon GO was launched in Australia and New Zealand on July 4, reaching US shores on July 6; whereas the rest of the world waits for the official launch of the game in their regions.
Researchers claim that a malicious remote access tool (RAT) has been included in the game’s APK package, which allows the attacker to gain full access to the victim’s phone. The infected app is a slight modification from the original, with the addition of DroidJack (a backdoor).
To check if your phone has been infected by DroidJack, you need to check the permissions for the app in your Settings.
All you need to do is go to Settings–> Apps –> Pokemon GO, and then scroll down to the Permissions section. The picture below show the permissions of the legitimate game compared to the permissions of the infected version.
Pokemon GO permissions for the genuine game
Pokemon GO permission for the infected game will show the following remarks
If you haven’t downloaded the game, you should wait for the game to be officially launched in your country before downloading it from the Google Play store.
Proofpoint does not specify how to tackle the virus if your phone is already infected, but it is suggested that you delete the app and save your data.
