This article is more than 1 year old

Android Mew-ware, I choose you: Code nasty poses as Pokemon GO

DroidJack wants to peek-at-you

Mind those downloads from non-official app stores: Android malware has been spotted posing as knockoff copies of the popular Pokemon GO game.

According to a report from security biz Proofpoint, repackaged versions of the game have been found carrying a software nasty that grants remote-control access of infected devices to crooks.

The malware, known as DroidJack, allows an attacker to seize control of the handset, harvesting personal information from users and tracking their movements.

Proofpoint said it spotted the infected Android application package (APK) on a malicious file repository, but versions of the game have not yet been found on app services in the wild.

Pokemon GO has already become one of the summer's most anticipated mobile games for both Android and iOS devices. Proofpoint says that the malware-laden version of the game it spotted is likely to be distributed through non-Google Android app services in hopes of catching users who are looking to get around the region-based release schedule that has seen the game go live in some parts of the world before others.

Nintendo has had to pause the rollout of the internet-connected game in various parts of the world as demand from players has been too great on Ninty's servers.

"Likely due to the fact that the game had not been officially released globally at the same time, many gamers wishing to access the game before it was released in their region resorted to downloading the APK from third parties," Proofpoint says.

Users who don't have official access to the game where they live could go to third-party stores and get the infected versions in the process.

While Proofpoint says that Android owners can avoid the infection by only accessing the game through a trusted service like the Play store, those who are worried they might have a malicious copy can check by looking at the permissions granted to the Pokemon GO game itself.

An infected version of the game, Proofpoint says, will ask for excessive permissions, such as the ability to track web browsing and access to BlueTooth and Wireless network connections.

"Even though this APK has not been observed in the wild, it represents an important proof of concept: namely, that cybercriminals can take advantage of the popularity of applications like Pokemon GO to trick users into installing malware on their devices," Proofpoint said.

"Bottom line, just because you can get the latest software on your device does not mean that you should." ®

More about


Send us news

Other stories you might like