Pokémon NO!

You may have more than a weeble in your pocket…

As the summer of Pokémon slowly comes to an end, new security threats from the massive online augmented reality game are coming to the foreground.

Of course, there were always the random muggings and people falling off cliffs and walking into traffic. However, according to Kaspersky Lab, there is a new malicious app on the Google Play Store: “Guide for Pokémon Go”.

This app is capable of gaining root access rights on Android and using them to uninstall and install applications, and it can display unsolicited adverts that can infect you with more malware.

The application has been downloaded over half a million times, and there have been at least 6k confirmed infections.

The app has been reported to the Play Store by Kaspersky and is now removed from Google Play.

Thank you, Kaspersky, for highlighting this.

After a user installed Guide for Pokémon Go, the malware waited silently for some time. This break was quite deliberate: The malware needed to learn whether it was on a real device or a virtual machine — an emulated computer system security experts use to check how suspicious apps behave in different conditions.

Having confirmed it was on a real device, the Trojan sent a message to a command-and-control server run by cybercriminals. The report included information about the infected device: model, OS version, country, default language, and more.

Guide for Pokémon Go downloaded additional malicious files (their code also obfuscated). These files were the Trojan’s heavy weaponry; they let it use a number of vulnerabilities discovered from 2012 to 2015.

The armed malware rooted the system, silently installed additional apps, and flooded the phone with ads.

Roman Unuchek, Senior Malware Analyst at Kaspersky Lab

If you are concerned that you may have a malware or virus infection on your device, scan your device with a mobile antivirus. If you would like to get AV for your device, please contact us.
