Within just 7 days, the ‘Pokemon GO’ game has become an overnight sensation in the Internet world, and people are crazily addicted to it. ‘Pokemon GO’ is the first Pokemon game sanctioned by Nintendo (Pokemon Company) for iOS and Android devices. This viral reality game was first released in Australia and New Zealand on July 4th, and users in other regions quickly clamored for versions for their devices.
The game was later released in the USA on 6th July 2016. The number of registered users has already crossed the number of users ever registered by the ‘TINDER’ app in its entire life span. Such is the reach of this game.
So far the game has only been released in countries like the USA, New Zealand and Australia, whereas the rest of the world is still waiting for it. People became quite impatient for this new viral sensation and soon started to download MOD versions of the game from various torrent sites and mobile APK sites.
It is always advisable never to install software from torrent sites unless it has been marked as safe to use. Given that this game was new on the market and not much had been reviewed about it, people didn’t care about the potential threats, and they installed it anyway.
Lately there have been many reports that a specific APK of this game was modified to include the malicious remote access tool (RAT) called DroidJack (also known as SandroRAT), which can virtually give an attacker full control over a victim’s phone. It is a backdoor Trojan.
The most worrying part is that even many media houses are promoting such malicious APKs to get some clicks for themselves by providing tutorials on ‘How To Install Pokemon Go Through 3rd Party’. They are unintentionally helping the attacker break into the smartphones of more than a million people, exposing their bank account details and private lives.
Even the official Pokemon GO Twitter account issued this statement:
Trainers, only install Pokémon GO via the Play Store or App Store. Downloads from other sources may contain malware or viruses.
— Pokémon GO (@PokemonGoApp) July 11, 2016
Now, if you are worried that you may have downloaded a malicious APK, here are a few options to help you determine whether your phone is infected.
First, you should check the SHA256 hash of the downloaded APK. The original application that has often been linked by authentic sources has a hash of ‘8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67’, although the game might have been updated many times since then. The malicious APK that we analyzed has a SHA256 hash of ‘15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4’.
Okay, so in a much simpler manner, you can do this.
Check the installed application’s permissions, which can be easily accessed by first going to Settings, then Apps, then the ‘Pokemon GO’ app, and then scrolling down to the PERMISSIONS section. The following image is an ideal example of a legitimate APK file.
Now, the following screenshot depicts the possibility of having a backdoor Trojan installed on your phone.
Okay, so now, don’t freak out. Just wipe the app from your phone if you think that you have installed an infected APK of the game. In case you still feel your phone has been compromised, then it’s better to restore factory settings!
There is a reason why the old man said, ‘Patience Is a VIRTUE’.