★Gaming★

[Gaming][bleft]

★Technology★

[Technology][twocolumns]

★Discoveries★

[Discovery][bsummary]
Powered by Blogger.

WARNING: Hackers Are Spreading Malware Through Pokémon GO

Nintendo’s new Pokémon GO augmented reality game has quickly proven to be a cultural phenomenon, juicing the company’s stock. But it is only available in certain countries right now, leading some players to install the game from third-party sources. Now, a malicious version of the software is poised to infect Android phones with code that provides hackers a backdoor to their phones.


Here's how to tell if yours is legit.

Pokémon Go is the hot mobile game of the moment. Unfortunately, not everyone can play it. International rollout of the game has been paused while Nintendo and The Pokémon Company work on fixing server capacity.
But that's not stopping people from finding other ways to download versions of the game.
According to security firm Proofpoint, via Motherboard, a version of the app infected with a malicious remote access tool (RAT) called DroidJack is making the rounds. It installs a backdoor granting full control of the Android phone to hackers.
Proofpoint reports the malicious version of the app was released less than 72 hours after the game was released in New Zealand and Australia. It's believed that those waiting for the game to rollout in their countries may be trying to acquire the game through other means and are at risk for the infected app.
"Likely due to the fact that the game had not been officially released globally at the same time, many gamers wishing to access the game before it was released in their region resorted to downloading the APK from third parties," wrote Proofpoint in a blog post.
Do you have this version of the game on your phone?
Probably not. If you downloaded Pokémon Gothrough a legitimate app store then your game is fine.
In order to get the malicious app you need to go out of your way. You need to disable Android security which prevents installation of unknown third-party apps and 'side-load' the game onto your phone.
Still, if you want to check to see which version of the game you're playing, Proofpoint has a few tips.
First, you can compare the permissions on your app with those of the legitimate one.
Here's how the permissions should look:

Here's how they look in the compromised app:
Proofpoint also suggests comparing the two app's SHA-1 hashes, a long group of characters that verifies whether a file is modified. 
Via Proofpoint:
"The legitimate application that has been often linked to by media outlets has a hash of8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67, although it is possible that there are updated versions already released. The malicious APK that we analysed has a SHA256 hash of 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4."
You can download Pokémon Go for iOS and Android here

No comments: