Pokemon Go, the mobile game which managed to combine reality and imagination in one, has caught the attention of millions of users worldwide. However, it did not take very long for the hackers to come up with a way to use it in their advantage. They have created a backdoor called DroidJack which can infect any gamer who wants to “be the very best trainer”.
Nintendo has been the franchiser of the famous Pokemon series and now, with the Pokemon Go app, the series have taken over the mobile devices as well. The extremely popular mobile application is at the top of the lists of most downloaded free apps both on Apple and Google play stores. The game is so addictive that, as it turns out, it has more users than such famous applications as Twitter, Tinder and Google Maps – over 26 million.
As many times before, crooks didn`t miss the opportunity to target users who were so impatient that they could not wait for the official release of the game. Instead they downloaded the Android application package (APK) from unreliable websites after changing the Android`d settings and allowing installation from unknown sources. Applying these changes is something no user should do because it increases the chance of infection and unwanted app download. And still, many Pokemon lovers didn`t think twice about it and downloaded the APK without knowing they got the backdoor as well.
Little did they know that one of the sources APK can be downloaded from offers a version of Pokemon Go which allows a backdoor to be installed on the device alongside the game. This backdoor can cause a lot of damage to the impatient Pokemon fan by allowing a remote access to their device and provides full control over it.
According to researchers, the malicious version of Pokemon Go is so masterly done that users would not even suspect their phones have been infected hence they won`t take any measures. Moreover, there is a high possibility, if a device is infected, once it connects to a network, network resources can also be endangered.
That`s why it is extremely important, when downloading an app, to carefully check what kinds of permissions it requires. It is ridiculous that some apps, including Pokemon Go, need permission in order to make phone calls, edit and send text messages, modify your contacts, and record audio. Why would a game app like this need this kind of control over your phone? In such cases users should immediately stop the operation. If, though, they carry through it, the APK could help the crooks spread their malware and influence by leveraging some very popular phone applications.
The best pieces of advice users should take into account are actually quite simple but twice as helpful. Don`t use unknown websites as sources even if it`s only a simple game that you want to download. Apple and Google stores are always available and, unlike others, reliable. Also, always check the new application`s requirements and if they don’t seem reasonable just don’t allow them. After all, safety comes first.