Installing Pokemon GO? You might be installing malware too
Pokemon GO is a pretty sensational app, with tonnes of smartphone users downloading it to catch them all. While it’s only officially available in the U.S., New Zealand and Australia, through the App Store and Google Play Store, it has not stopped fans in other regions from downloading and installing the APK from third-party sources on their Android devices to play the augmented reality game. Well, it seems that they may have indirectly opened the door for the remote access tool malware, DroidJack, to enter.
Usually, Android is a pretty secure environment. If you don’t mess with the settings, you won’t be able to install third-party APKs of suspicious origin. But of course, to install the APK to play Pokemon GO, you will need to enable the “unknown sources” checkbox in the Settings menu. Usually it is fine, but when faced with opportunistic hackers, well, you know what happens.
According to Proofpoint, a pretty simple method to check if your device is infected would be to check the installed application’s permission. This can usually be accessed by first going to Settings -> Apps -> Pokemon GO and then scrolling down to the PERMISSIONS section. The outlined permissions have been added by DroidJack. Seeing those permissions granted to the Pokemon GO app could indicate that the device is infected, although these permissions are also subject to change in the future.
Our only advice is to not install Pokemon GO from third-party sources. Please wait until it is available officially here. I also heard that Pokemon GO players who sideload the app onto their devices will get banned permanently, even when it is made available here? I don’t know. More reason not to do it then.
Pokdepinion: Obviously the take home point here is to be patient. We will definitely get it. Someday. Till then, try to avoid third party sources as you may be opening up your phones to a lot of malware.