Android users are at risk because a malicious version of Pokemon Go, an app known worldwide, is in circulation.
The game, created by Niantic, takes users out into the real world, using geo-markers scanned with their phone's camera to "find" Pokémon in the wild.
The app is so popular that it is on par with Twitter in terms of daily active users.
A malicious version of the app has been discovered. It was modified to include the remote access tool (RAT) known as DroidJack, which gives attackers the ability to fully control the victim’s phone. In less than 72 hours the malicious APK had already been uploaded to a malicious file repository.
What caused this to happen?
The app was released in Australia and New Zealand on 4th July and then two days later in the US. Demand was so high that it caused server issues, so the developers had to pause the release to other regions in order to fix those issues first.
Many gamers in the rest of the world who wanted to access the game before the official release downloaded the APK from third parties. To install such an APK you have to allow side-loaded apps by enabling the “Unknown sources” option in the Security area of Settings.
This practice is very dangerous and puts your device at high risk. A researcher from Proofpoint said:
“Should an individual download an APK from a third party that has been infected with a backdoor, such as the one we discovered, their device would then be compromised.”
How to determine if you are infected?
Check the hash of the downloaded app since the malicious one has a SHA256 hash of 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4.
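One way to run the hash check described above on a computer, as an added example that is not from the original article or from Proofpoint: it hashes every .apk file in a folder and reports any whose SHA256 matches the value quoted above. The function names and the folder argument are assumptions made for this example.

```python
import hashlib
from pathlib import Path

# SHA256 of the malicious Pokemon Go APK, as given in the article above.
KNOWN_BAD_SHA256 = {
    "15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4",
}


def sha256_of_file(path, chunk_size=1024 * 1024):
    """Hash a file in chunks so a large APK is never loaded into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_known_bad_apks(directory, bad_hashes=KNOWN_BAD_SHA256):
    """Return (path, sha256) for every .apk under `directory` whose hash is listed.

    The extension match is case-insensitive, and listed hashes are normalised
    to lowercase because hexdigest() returns lowercase hex.
    """
    wanted = {h.strip().lower() for h in bad_hashes}
    hits = []
    for path in sorted(Path(directory).rglob("*")):
        if not path.is_file() or path.suffix.lower() != ".apk":
            continue
        try:
            file_hash = sha256_of_file(path)
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
        if file_hash in wanted:
            hits.append((str(path), file_hash))
    return hits


if __name__ == "__main__":
    import sys
    # Assumed usage: pass the folder where the downloaded APK was saved.
    folder = sys.argv[1] if len(sys.argv) > 1 else "."
    matches = find_known_bad_apks(folder)
    for apk_path, apk_hash in matches:
        print(f"MATCH {apk_hash}  {apk_path}")
    sys.exit(1 if matches else 0)
```

A match confirms the file is the sample named in the article; no match only means the file is not that exact sample, since any other modified build has a different hash.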
You can also check the installed application’s permissions, which can be found in the Apps section of your Android device. Open the Permissions section and check the list against what the legitimate app requests.
However much you want the app as soon as possible, you should wait for the official release, since downloading from third parties is never a good choice. To satisfy the urge for one specific app, you can put your device and all your data at high risk. Waiting a few days pays off.