Pokemon GO Android App Found Shipped with Malware

Malicious programs are getting more sophisticated and advanced. The easiest and most common way to infect users is to take an application or a popular program and insert the malicious code in this particular app. This technique is used against Pokemon GO.

Over this week security researchers at Dell have identified another fake Pokemon GO application. This time cybercriminals taking advantage that the game is not available for all countries in the world but only some particular countries are allowed to download the game over appstore and google play.

Attacker have used this as an advantage to attract users that are not able to download and install Pokemon game. They have created a separate installation file that claimed to install Pokemon game but actually coupled with malware.

The first malicious application is Pokemon Apps with DroidJack. This is a Remote Access Tool (RAT) that provide cybercriminals a remote access control on victim device. Some of the ability for this malware is read, delete and write SMS, make calls, full access to call logs, contact list access, take pictures and record videos.

adware apps ask for device administrator privileges sourced Dell

adware apps ask for device administrator privileges sourced Dell

Second type of malicious application is adware that are used to run advertising campaign on infected system and opening pop-ups on the device which usually make the income to cybercriminals, this will also ask to have a full administrator privilege on infected system.

The third type of malicious application that claim to be Pokemon apps is installer which will go and install more secondary application on infected system that are instructed and controlled by cybercriminals.

If you are looking to install any software make sure to use only official store and it will be also important to review the application release notes to verify what privilege it will request and how it will be used on your device.