This is just another reminder to do your research before downloading apps from any app store, especially in the Pokemon Go market where fake apps are infected with malware.
According to internet security company Kaspersky Lab, an app called “Guide for Pokémon Go,” which was available in the Google Play Store, was a guise to infect devices with a trojan.
A blog post on the Kaspersky website explains that the malware showed some users a lot of ads, but also managed to download rooting software that could gain access to the Android operating system. The trojan detected as HEUR:Trojan.AndroidOS.Ztorg.ad, was hidden behind actual Pokemon Go content, so it was difficult to detect by casual users.
However, what hid the malware even more from cyber security experts was its latency period. The trojan would lay dormant for a time, and then would analyze the device it was on, sending information to a command-and-control server that cyber criminals could analyze. With the right qualifications, the person would then send a response back to the server as to whether to infect the device.
“Like a professional rogue, it masterfully hid itself from security experts and chose victims carefully,” the post read.
The company reported the app to the store, but it had already been downloaded more than 500,000 times, with around 6,000 successful infections. It’s confirmed to have hit in Russia, Indonesia, and India, but experts warn English-speaking users that there could be some cases in other countries as well.
Pokeman Go malware has been rampant since even before the game was released in many countries. Many hackers exploited the hype by creating sideloading versions that came with a remote access tool called DroidJack, which can give people control over your device.
If you’ve downloaded this app and believe you’ve been infected, the best choice would be to uninstall and factory reset your device. In the future, be wary of apps that aren’t released through official channels. Even in the case that an app is on the Google Play store, there can still be a chance that it’s infected with malware.
No comments:
Post a Comment