Pokemon Go might just be the game of the year. Nintendo struck gold with this mobile endeavor, as millions of users around the world have already downloaded the application and are devoting plenty of time to hunting Pokemon. That also means that hackers have adapted their attacks to hunt those Pokemon fans who’re eager to try out the application. Researchers have already discovered malware inside versions of the Pokemon Go app for Android.
As always with malware targeting Android, you should know that you can easily avoid such threats by simply staying away from apps that do not originate from Google Play. No matter how much you want to play Pokemon Go, don’t just go look for the Android APK online if it’s not available in your local Google Play store version.
As Android Central reports, hackers have packaged a tool called DroidJack or SandroRAT inside the APK of Pokemon Go. The malicious remote access tool would allow them to take over the phones that are infected, giving them full control of the device, according to researchers from Proofpoint.
Once the malicious Pokemon Go application is installed, it gives itself extra permissions that can then compromise the phone. If an infected phone is taken inside a corporate network, it can jeopardize the safety of other devices attached to the same network.
Proofpoint says that the APK has not been seen out in the wild yet, so it’s not clear if anyone has been affected by this Pokemon Go malware app.
That said, if you still don’t have official access to Pokemon Go in your market, then keep checking this official download link, rather than downloading the app from a third-party location. The app is available as a free download, so just get it from Google. If you have already downloaded the app from an unofficial location, better uninstall it and get the real thing.