Be wary what kind of third party apps you grab from the Google Playstore for Pokemon Go, as Kapersky Labs have found that there’s malicious software lurking about.
Most specifically is the app “Guide for Pokemon Go” which houses a Trojan that’s able to not only seize root access on Android phones, but it is able to install and uninstall apps and display ads you never asked for. Said app has been downloaded half a million times (as of writing) and has at least 6,000 successful infections. The popularity of Niantic Lab’s latest game has caused a surge of such apps and guides, so it doesn’t surprise us that some would have “hitchhikers” on board.
This particular malware has some interesting features that help it evade detection.
One is that it waits for the user to install or uninstall another app to see if it is in fact, running on a real device. If it finds that it;s not on a virtual machine, it will wait an additional two hours before activating.
If it finds that it’s not on a virtual machine, it will wait an additional two hours before activating.
Interestingly, this doesn’t mean that infection is guaranteed. The Trojan will deliver your device details to its command server, and only once it hears back (depending on your device setup) it will then implement and download additional malware modules. Then only it will begin quietly installing and uninstalling apps on your system and displaying adds to the user.
If you do happen to be infected, you can scan your device with a mobile antivirus and use certain tools to help you remove the rooting malware, but it won’t be an easy process. The best way to avoid this is to only use apps created by reputable developers and to ensure you don’t get infected.
The best way to avoid this is to only use apps created by reputable developers to ensure you don’t get infected. Or just don’t download unofficial apps if you’re not sure. Play it safe!