Alert! Fake Pokémon GO apps are on the rise

Mobile gaming apps are nothing new anymore. Thousands of them come and go, probably every week. But, there is a time when an app comes along that takes the entire world by storm. I am talking about the Pokémon GO app which has become the new Internet darling, sensation, rage; whatever you may want to call it. And this very craze is acting as a fodder for the criminal minds of the online world.

First, what is Pokémon GO all about?

It is an online gaming app for Android and iOS smartphones. By accessing your phone’s location and camera, the game lets you capture virtual creatures called Pokémon, apart from training or battling against them. To find these creatures, you need to move in or around your location. So basically, you see your location on a map (which is actually a digital version of your real surroundings) and the location of the Pokémon you want to find. This article explains everything that you need to know about this game.

Coming to the main discussion of this post…

As of now, Pokémon GO has been officially released in limited countries including Australia, New Zealand, Germany, the UK, and the US. And India is one of those few countries where the game is not yet available on Google Play or App Store. And that is where the problem lies. Given the ginormous craze for the app, many players are heading to unofficial or third-party app stores to get their hands on this one-of-a-kind augmented-reality smartphone game. And for obvious reasons, hackers are piggybacking on this frenzy to spread fake and malicious versions of this app.

One malicious version of this app has been detected to be spreading in third-party stores. This version has been injected with a malicious RAT (Remote Administration Tool – allows the operator to remotely control a device) called SandroRAT. This RAT acts as a spyware (steals user information) and backdoor (allows other malware gain access to the infected device).

If a user installs this RAT-infected Pokémon GO app, they will be basically permitting the malware to:

• Monitor, read, write, and send SMSs
• Record call conversation
• Read, delete, and add contacts
• Collect device’s info viz. IMEI, phone number, country, root permissions, etc.
• Hide app icon from app launcher
• Download and install other unwanted or malicious apps
• Turn on Wi-Fi or mobile data remotely when device is offline
• Track GPS location of the device
• Click pictures using the front or the back camera
• Record videos
• Explore, download, upload & delete files from the device

Quick Heal Mobile Security Products block this malicious app proactively as Android.Sandr.A.

Precautions that you must take

• While you will be able to download the Pokémon GO app for Android from third-party stores, we would strongly recommend against it. There is no saying whether the app that you get is safe or malicious. Official app stores are always relatively safer than off-market places. Better wait for the official release in your country than risking your phone and privacy to a malware infection.
• Ensure that ‘Unknown Sources’ is unselected in your phone’s security settings. This stops the installation of apps from third-party stores. On your phone, go to Settings > Security > Uncheck Unknown Sources (if it is checked).
• Avoid downloading apps with poor reviews/ratings, untraceable developers, low reputation and those that ask for unnecessary permissions.
• Use a mobile security software. Quick Heal Fonetastic App not only protects your phone from harmful apps, but also boosts its performance, and offers other utility features such as App Lock, Private Folders, etc.

If you have come across any version of Pokémon GO in third-party sources, do let us know about it.