Pokemon Go, the virtual scavenger hunt that is raising Vitamin D levels across the country, has so far lured players into armed robberies, led to the discovery of a dead body, and resulted in a host of injuries as gamers wipe out while glued to their smartphones in search of animated avatars hidden in real-world locations.
But now another danger has come to light: security experts at Proofpoint discovered the DroidJack malware embedded in a version of Pokemon Go downloaded outside of the Google Play Store. So, if you side-loaded a version of Pokemon Go (a particular problem in parts of the world where the game isn’t yet officially available), you might have installed some malware with it.
The compromised version of Pokemon Go that Proofpoint analyzed looks and acts just like the real app. But it has malicious code added to it and requests extra permissions, which an excited player would likely overlook during the install process. The end result is an application on your Android device that has the ability to take control of your phone or tablet.
How can I avoid Pokemon Go malware?
Wait for the app to officially launch in your country. I know, I know, that amounts to torture; I’m sorry ’bout it.
Installing from unofficial channels requires you to turn off security settings designed to keep your information and device secure. For example, to install any app from an APK site you need to allow app installs from untrusted sources (Settings > Security > Unknown Sources). By default, this setting prevents app installations from outside of Google Play, and by turning that protection off you’re potentially exposing your device to malware-laden apps that appear legit.
Granted, there are some APK websites that do everything to cover their bases and ensure the APKs listed on the site are legit copies of the Play Store version, but bad guys like to figure out ways around such processes.
How do I know if I installed a malicious version of Pokemon Go?
If you just couldn’t wait and installed Pokemon Go from an outside source, Proofpoint suggests checking the app’s requested permissions. On your device, open Settings > Apps > Pokemon Go > Permissions. According to the post, the specific version of the malware the company examined requested permission for tasks such as recording audio, modifying contacts, reading your web history and running at startup. The complete list is included in Figure 2 and Figure 3 of Proofpoint’s post.
If you discover the app you’ve installed lists extra permissions, uninstall the app right away.
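The same permission check can be done off the device before installing. The following is an added example, not code from Proofpoint or the article: it compares the permission listing of a sideloaded APK against that of a trusted copy and labels the extras. It assumes both listings were produced with `aapt dump permissions <apk>`, the sample listings are constructed, and the mapping from the article's plain-language permission names to Android identifiers is an assumption.

```python
import re

# Assumed mapping from the behaviours named in the article to Android
# permission identifiers (the article gives only the plain-language names).
ARTICLE_FLAGS = {
    "android.permission.RECORD_AUDIO": "record audio",
    "android.permission.WRITE_CONTACTS": "modify contacts",
    "com.android.browser.permission.READ_HISTORY_BOOKMARKS": "read web history",
    "android.permission.RECEIVE_BOOT_COMPLETED": "run at startup",
}

# Matches both aapt styles: "uses-permission: X" and "uses-permission: name='X'"
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?")

def parse_permissions(dump):
    """Return the set of permissions requested in an aapt permission listing."""
    perms = set()
    for line in dump.splitlines():
        m = PERM_RE.match(line.strip())
        if m:
            perms.add(m.group(1))
    return perms

def review(suspect_dump, baseline_dump):
    """Map each permission the suspect adds over the baseline to a reason."""
    extra = parse_permissions(suspect_dump) - parse_permissions(baseline_dump)
    return {p: ARTICLE_FLAGS.get(p, "not in trusted copy") for p in sorted(extra)}

# Constructed sample listings (not taken from any real APK).
BASELINE = """package: com.example.game
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
uses-permission: name='android.permission.CAMERA'
"""
SUSPECT = BASELINE + """uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: android.permission.WRITE_CONTACTS
uses-permission: name='android.permission.RECEIVE_BOOT_COMPLETED'
uses-permission: name='android.permission.READ_SMS'
"""

if __name__ == "__main__":
    for perm, why in review(SUSPECT, BASELINE).items():
        print(f"{perm}: {why}")
```

Any non-empty result means the sideloaded copy asks for more than the trusted one and should not be installed.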