Bitdefender has warned that ‘copy-cat’ infected versions may carry malicious code that takes full control of the device, collecting users’ personal data and clicking on ads in the process.
DroidJack is part of the AndroRAT family, a remote access Trojan that provides backdoor functionality and access to people’s mobile devices. The exploit kit is widely sold on the underground for US$200.
Bitdefender says that 19.55% of global threats come from infected apps that may be fully functional but carry an unwanted payload. These are sideloaded from third-party app stores.
Another word of warning for players of the game on iOS. The Pokémon Go app seems to request more permissions than it needs. Signing into the app via a Google login reportedly gives the developer, Niantic, full access to users’ Google accounts.
Niantic says the app can access only basic Google profile information, despite the message in the Permissions window, and is working on a client-side fix. The Android version does not have the same issue.
Bitdefender’s advice includes:
- Install a security solution suitable for your mobile device to identify malicious applications before they’re installed and discover the privacy impact of apps already installed.
- When installing an app, review the permissions it requires and remove unnecessary ones. In this case:
  - Head to Google’s security page and look for Pokémon Go.
  - Select Pokémon Go, then click “Remove” to revoke full access.
  - Launch the game on your device.
- Check reviews about any new app and the developer before installing.
- Don’t download fake apps posing as software updates, sent in unrequested emails.
- Avoid jailbreaking your device unless you know how to protect it from threats and can take full responsibility for its security. Jailbreaking will disable the “sandboxing” feature of iOS, an essential piece of the operating system’s security architecture. Read more about the negatives.
- The real-world adventure game also exposes users to physical risks, so stay aware of your surroundings to avoid falling prey to thieves, trespassing and even stumbling on a dead body.
Most other antivirus and anti-malware companies have issued warnings of a similar nature – this is a serious threat.
Sophos has a good blog about the dangers here.
Symantec has issued a similar blog here.