Pokemon Go: hidden threat for Android-users
Security specialists warn about threats that can be caused by downloading illegal apps on Android smartphones. Check Point Software Technologies experts published a video where they explain how to rebuild the Pokemon Go app into malicious spy program.
Just 4 days later after the official release hackers managed to change the application by implementing a malicious code DroidJack in it. The video explains how cybercriminals can repackage the Pokemon GO app for Android, turning it into malware that can steal messages, photos, and more. The mechanics of app repacking includes development brand new Android Distribution APK (Android Package) and adding the malware. The malware activates straight after downloading the game.
DroidJack allows to conduct an attack like mRAT, as the result it can be used to steal sensitive information or even to spy on users without their knowledge. Private information is under threat, as well as corporate data that an employee gets an access to from his own smartphone. By applying DroidJAck a hacker gains an access to camera, microphone and can collect data in real-time mode.
‘Any app downloaded from illegal sources can be potentially dangerous for user, and inexperienced popularity of the Pokemon Go forced thousands of users download the game before legal release. According to the research, it’s easy to implement the malware into the app so hackers can get an access to valuable information meanwhile a user even don’t know that. In order to secure yourself, users should only rely on trusted legal sources as well as use different antivirus programs for securing mobile devices’,- Vasily Dyagilev, chief representative Check Point Software Technologies in Russia and CIS, said.