At this point, it is almost needless to say that Pokémon Go has become extremely popular in a very short amount of time. But with that popularity, comes cybercriminals looking to take advantage of users.
Proofpoint announced yesterday that they discovered a version of the installer for Pokémon Go that has a RAT (Remote Access Trojan) attached to it. This RAT seems to be the very popular Droid Jack, which targets Android users. Now this version is not on Google Play. If you get the app from Google Play, you are okay. But if you are downloading the app from a third party source, you run the risk of getting a Trojan on your phone.
So basically, here is what’s happening: An Android application package file of Pokémon Go has been rigged with a RAT (Remote Access Tool) that, if installed, can give the attacker complete access to the device. Because of the huge success of the game within the first week of release, Niantic Inc. has paused the worldwide roll-out. Right now, Pokémon Go is only available in the United States, Australia, and New Zealand. This means that users in other countries may be tempted to sideload APKs of the game from third party sites. While the APK hasn’t been spotted in the wild yet, it won’t be long before it spreads like wildfire online.
So would-be Pokémon Trainers need to be careful. A malicious, backdoor version of the massively popular game could be out there. Proofpoint cautions that it is only a matter of time before the malicious version is spread online. So as always, BECA cautions you to stay safe, stay alert, and think before you click!