Alert! Fake Pokémon GO apps are on the rise

  • 55
    Shares

Mobile gaming apps are nothing new anymore. Thousands of them come and go, probably every week. But, there is a time when an app comes along that takes the entire world by storm. I am talking about the Pokémon GO app which has become the new Internet darling, sensation, rage; whatever you may want to call it. And this very craze is acting as a fodder for the criminal minds of the online world.

First, what is Pokémon GO all about?

It is an online gaming app for Android and iOS smartphones. By accessing your phone’s location and camera, the game lets you capture virtual creatures called Pokémon, apart from training or battling against them. To find these creatures, you need to move in or around your location. So basically, you see your location on a map (which is actually a digital version of your real surroundings) and the location of the Pokémon you want to find. This article explains everything that you need to know about this game.

Coming to the main discussion of this post…

As of now, Pokémon GO has been officially released in limited countries including Australia, New Zealand, Germany, the UK, and the US. And India is one of those few countries where the game is not yet available on Google Play or App Store. And that is where the problem lies. Given the ginormous craze for the app, many players are heading to unofficial or third-party app stores to get their hands on this one-of-a-kind augmented-reality smartphone game. And for obvious reasons, hackers are piggybacking on this frenzy to spread fake and malicious versions of this app.

One malicious version of this app has been detected to be spreading in third-party stores. This version has been injected with a malicious RAT (Remote Administration Tool – allows the operator to remotely control a device) called SandroRAT. This RAT acts as a spyware (steals user information) and backdoor (allows other malware gain access to the infected device).

If a user installs this RAT-infected Pokémon GO app, they will be basically permitting the malware to:

  • Monitor, read, write, and send SMSs
  • Record call conversation
  • Read, delete, and add contacts
  • Collect device’s info viz. IMEI, phone number, country, root permissions, etc.
  • Hide app icon from app launcher
  • Download and install other unwanted or malicious apps
  • Turn on Wi-Fi or mobile data remotely when device is offline
  • Track GPS location of the device
  • Click pictures using the front or the back camera
  • Record videos
  • Explore, download, upload & delete files from the device

Quick Heal Mobile Security Products block this malicious app proactively as Android.Sandr.A.

Precautions that you must take

  • While you will be able to download the Pokémon GO app for Android from third-party stores, we would strongly recommend against it. There is no saying whether the app that you get is safe or malicious. Official app stores are always relatively safer than off-market places. Better wait for the official release in your country than risking your phone and privacy to a malware infection.
  • Ensure that ‘Unknown Sources’ is unselected in your phone’s security settings. This stops the installation of apps from third-party stores. On your phone, go to Settings > Security > Uncheck Unknown Sources (if it is checked).
  • Avoid downloading apps with poor reviews/ratings, untraceable developers, low reputation and those that ask for unnecessary permissions.
  • Use a mobile security software. Quick Heal Fonetastic App not only protects your phone from harmful apps, but also boosts its performance, and offers other utility features such as App Lock, Private Folders, etc.

If you have come across any version of Pokémon GO in third-party sources, do let us know about it.

Rajiv Singha

Rajiv Singha


5 Comments

Your email address will not be published.

CAPTCHA Image

  1. Avatar aditya ranjanJuly 22, 2016 at 6:45 PM

    help me

    Reply
  2. Avatar shubhamkasaudhan.sk78@gmail.comJuly 23, 2016 at 6:58 PM

    anti virus pro updates

    Reply
  3. Avatar Raushan SinghJuly 24, 2016 at 9:49 AM

    it is so nice for our pc

    Reply
  4. The points about third party malware application you mentioned is almost the same the official pokemon go app is doing, so you mean the official pokemon go app is malware itself? let me rephrase the points.

    >Monitor, read, write, and send SMSs
    >Record call conversation
    >Read, delete, and add contacts
    >Collect device’s info viz. IMEI, phone number, country, root permissions, etc.
    >Hide app icon from app launcher
    >Track GPS location of the device
    >Click pictures using the front or the back camera
    >Record videos
    >Explore, download, upload & delete files from the device

    Please save your trouble.

    Reply
    • Rajiv Singha Rajiv SinghaAugust 3, 2016 at 2:53 PM

      Hi Shivansh,

      Thanks for writing in. Below are the permissions that the official Pokemon Go App (Android) asks for.

      • In-app purchases
      Allows the user to make purchases from within this app

      • Identity
      Uses one or more of: accounts on the device, profile data

      • Location
      Uses the device’s location

      • Photos/Media/Files
      Uses one or more of: files on the device such as images, videos, or audio, the device’s external storage

      • Camera
      Uses the device’s camera(s)

      • Other
      receive data from Internet

      So, if you compare these with the permissions asked by the fake, malicious app, a substantial difference can certainly be noted. Also, note that the permissions mentioned in the post are asked by the RAT-infected Pokémon GO app. This does not mean that every third party Pokemon Go app will ask for the same permissions. But you never know. So, it is always wise to err on the side of caution.

      Do let us know if you need any further information on this.

      Regards,

      Reply