Pokemon Go: Hackers use Nintendo craze to spread malware to Android smartphones

Pokémon Go is in high demand, and as it is yet to see a full worldwide release many eager hunters wanting to get in on the action have turned to unofficial sources to download a copy of the game.

While this remains an easy and safe process through some means, cybersecurity researchers are warning that hackers are now taking advantage of the craze to spread malware that can give criminals "complete control" of Android devices.

The malware spreads thanks to the process of 'side-loading' an application, which allows users to install unsanctioned apps from sources other than the official Google Play Store. Unfortunately, the result could lead to criminals getting access to everything from contact lists to pictures stored on devices.

Advertisement

According to Proofpoint researchers, an infected version of Pokémon Go has been discovered that includes a malicious remote access tool (RAT) called DroidJack. This download file – or APK – contains a backdoor. However, security experts warn that users would be hard-pressed to tell the difference.

"The infected Pokémon Go APK has been modified in such a way that, when launched, the victim would likely not notice that they have installed a malicious application," the researchers said.

The analysis added: "[Side-loading] is an extremely risky practice and can easily lead users to installing malicious apps on their own mobile devices. Should an individual download an APK from a third party that has been infected with a backdoor, such as the one we discovered, their device would then be compromised."

Android users have been warned about malicious software posing as Pokemon Go downloads The Pokémon Company

In any case, there are ways of telling if your application is legitimate. The most simple method is checking the app permissions that can be found by following: Settings> Apps> Pokémon GO and then scrolling down to the Permissions section.

If the options include more invasive options, such as "record audio," "edit text messages" or "directly call phone numbers" you should uninstall the application immediately.

The firm said that it has not yet spotted the APK in the wild, but that it represents "an important proof of concept". "Bottom line, just because you can get the latest software on your device does not mean that you should," the researchers said. "Instead, downloading available applications from legitimate app stores is the best way to avoid compromising your device and the networks it accesses."

While the augmented reality Nintendo game has been released in Australia, New Zealand and the United States, UK-based users have been left with no other option but to wait for an official release to ensure 100% safety. Luckily, The Wall Street Journal has reported the game is set to be given a wider release in the UK, Europe and Japan "within a few days."

Advertisement

Android users in the live regions can download the game here on the Google Play store; iPhone and iPad users can download it from the App Store here. For eager iOS users outside of the regions, reports indicate the download will work by changing 'language and region' settings on the device to US, New Zealand or Australia.

According to Kevin Epstein, vice president of the Threat Operations Centre at Proofpoint, the remote access Trojan can potentially give malicious hackers complete access to a victim's mobile device "including user text messaging, GPS data, phone calls, camera—and any business network resources they access."

"Its existence less than 72 hours after the initial release suggests the relative ease with which threat actors can create malicious versions of popular apps and capitalize on users' desire to access them as quickly as possible, even if they aren't available through legitimate app stores," Epstein told IBTimes UK.

For all the latest video game news follow us on Twitter @IBTGamesUK.

© Copyright 2017 IBTimes Co., Ltd. All Rights Reserved.