Malicious fake Pokemon GO game for Android devices
Researchers at Proofpoint said they found an Android malware that is disguised as the popular game Pokemon GO. Proofpoint positions itself in the market as a company that is designed to protect against incoming threats such as spam and viruses, prevent the leakage of confidential information and personal data across all protocols, encrypt confidential e-mail messages and optimize the corporate postal infrastructure as a whole. The company proposes a complete and unified e-mail security and data leakage prevention (DLP) solution for enterprises, educational institutions, government organizations and Internet service providers.
Malicious APK was found in the repository of malicious files, so far it is not yet in the app stores. But since the game for iOS and Android devices is becoming more and more popular, experts are confident that a malicious fake will soon appear in unofficial app stores.
')
Everything is designed for "impatient" users who want to download the game from third-party sources in the hope of "taking possession" of the game before the release date of the original game. It is recommended to be patient, but for those who have already downloaded the application from an unofficial store, check whether this application is malicious. Check is not difficult, the malicious version of the game requires elevated privileges: access to a wireless connection and Bluetooth, the ability to track user activity in the browser.
A little earlier, SecurityLab had already discovered the malicious version of the game Pokemon Go, which installs the DroidJack trojan on Android smartphones. As it turned out, the developers of the legitimate version of the game Pokemon Go, without the knowledge of the players, had full access to the mail, photos and other confidential information of users authorized in the game using a Google account. Ie, when you try to log in to the game, Pokemon Go has full access to your Google account.
According to an official statement from Niantic’s game developer, "... excessive rights were obtained by Pokemon Go by mistake, which will soon be fixed. The game only collects the user ID and email address and does not affect any other data." By the way, ESET also found malicious programs in the Android app store Google Play: a screen blocker and two fake anti-viruses. The number of malicious applications downloads has already exceeded 50 thousand. The malicious application Pokemon GO Ultimate locks the device screen and system windows, it is impossible to reboot the device. At the same time, it works as a pornoclicker, and generates traffic to porn sites.
Malicious APK was found in the repository of malicious files, so far it is not yet in the app stores. But since the game for iOS and Android devices is becoming more and more popular, experts are confident that a malicious fake will soon appear in unofficial app stores.
')
Everything is designed for "impatient" users who want to download the game from third-party sources in the hope of "taking possession" of the game before the release date of the original game. It is recommended to be patient, but for those who have already downloaded the application from an unofficial store, check whether this application is malicious. Check is not difficult, the malicious version of the game requires elevated privileges: access to a wireless connection and Bluetooth, the ability to track user activity in the browser.
A little earlier, SecurityLab had already discovered the malicious version of the game Pokemon Go, which installs the DroidJack trojan on Android smartphones. As it turned out, the developers of the legitimate version of the game Pokemon Go, without the knowledge of the players, had full access to the mail, photos and other confidential information of users authorized in the game using a Google account. Ie, when you try to log in to the game, Pokemon Go has full access to your Google account.
According to an official statement from Niantic’s game developer, "... excessive rights were obtained by Pokemon Go by mistake, which will soon be fixed. The game only collects the user ID and email address and does not affect any other data." By the way, ESET also found malicious programs in the Android app store Google Play: a screen blocker and two fake anti-viruses. The number of malicious applications downloads has already exceeded 50 thousand. The malicious application Pokemon GO Ultimate locks the device screen and system windows, it is impossible to reboot the device. At the same time, it works as a pornoclicker, and generates traffic to porn sites.
Source: https://habr.com/ru/post/372489/
All Articles