Researchers have discovered more fake Pokémon Go apps on Google Play Store putting security and privacy of Android users in danger!
Since the time the game Pokémon Go was released in Australia, USA and New Zealand, it has become the apple of everyone’s eyes. Of course, Apple users are proudly and conveniently using it on their iOS systems, however, Android users are not as lucky. According to reports from Dell security research team, there are several Android applications that claim to be the official app of the game but actually, contain different kinds of malware.
We know that Pokémon Go is a fiercely popular game nowadays and everyone wants to download it on his/her phone. This is particularly the main reason why malicious cyber-criminals are trying to con people with such enthusiasm. After all, this is a great opportunity for threat actors to get their infected apps downloaded on mobiles of unsuspecting users without any difficulty. The incredible popularity garnered by the game is to be blamed for the recent surge in malware infected apps circulating on the internet.
Read: Fake Pokémon Go app contains RAT; takes full control of infected device
As per the analysis of Dell security, seven apps were initially identified to be deceiving people by appearing as official Pokémon Go applications and later more such apps were discovered. These apps are infected with different malware such as adware and DroidJack RAT. Some DroidJack RAT apps include com.nianticlabs. Pokémongo and net.droidjack.server while adware apps are net.ksbicrwkn.Pokémongousa and eu.auauvcqwu.Pokémongocoins, etc.
These apps would allow the hacker/attacker to gain full control of your phone by providing them administrator privileges. This means an attacker may steal call records, capture images, and even record conversations or listen to your conversation through the microphone.
There are also PUAs (Potentially Unwanted Apps) or Installer apps, which are also being circulated as Pokémon Go apps. The main purpose of distributing these apps is to get other malicious apps downloaded on a phone either from Google Play Store or unauthentic sources for some fee, which naturally will be received by the attacker, notes Catalin Cimpanu of Softpedia.
Read: PokeGone Chrome Plugin Erase Pokémon Go From Your Internet Life
These infected apps are available via third party stores however, there are other ways of downloading it such as users can search for links for downloading and installing Pokémon Go in your region. What you will get would be those infected apps.
More technical information on these apps is available on Dell’s blog post.