Infracore LLC Blog

Download the Wrong App and Have More Than Pokémon Fever Infect Your Device

Download the Wrong App and Have More Than Pokémon Fever Infect Your Device

There’s a new augmented reality game on the market these days. Perhaps you’ve heard of it - a title called Pokemon Go, which lets you capture virtual monsters that “appear” on your smartphone’s camera. However, hackers have seized this opportunity to infect players’ mobile devices with a backdoor called DroidJack, which uses the mobile app’s immense popularity to its advantage.

As one of Nintendo’s most popular gaming franchises, it shouldn’t come as a surprise that Pokemon Go has experienced such a warm reception amongst both new and old fans of the series. It’s ranked as the #1 most downloaded app on both the Apple Store and Google Play store, and was so wildly successful that Nintendo’s stock surged following its release. With over 75 million users worldwide, it has more users than some of the most popular smartphone apps, including Tinder, Twitter, and Google Maps.

Of course, hackers have to ruin the most popular of things, and they made an attempt to exploit this in the form of a malicious APK (Android application package). The game experienced a soft release, probably in order to ensure that the servers (which many Pokemon Go gamers suspect is simply a closet full of potato electrodes due to frequent crashes) could handle the traffic volume, which left many countries around the world without access to the game at first.

Thus, impatient fans made attempts to download the APK file and “side-load” it onto their devices - a major no-no for any security-minded mobile device user. Basically, you have to allow app installation from unknown sources, which is frowned upon due to some apps containing malware, or unnecessary permissions. Yet, those who wanted to play the game didn’t think for one second that what they were really downloading was a backdoor into their devices.

Due to the exclusivity of the application in the days before its release, many users outside of a select few countries chose to download the APK from an unknown source and just rolled with it. Today, the app is available in many countries, but a modified APK that was released online prior to the official release allowed remote access to the device, and can provide full control over the victim’s phone. In worst-case scenarios, this vulnerability extends to the rest of any network that the device is connected to. Security firm Proofpoint suggests that it’s entirely possible that, should infected devices connect to your network, networked resources can also be put at risk.

Take a look at the DroidJack-infected app’s permission request, and see for yourself just how strange they might look.

https://www.proofpoint.com/sites/default/files/users_content/10/pokemon-fig2.png
https://www.proofpoint.com/sites/default/files/users_content/10/pokemon-fig3.png

This is a valuable lesson to anyone who uses a smartphone: be careful of what apps you download, and ensure that you aren’t giving your apps too many permissions. There’s almost no reason that a game of any kind should be able to access your text messages, make phone calls, modify your contacts, record audio, or anything else of the sort. Exploitation of the APK hasn’t necessarily been observed in the wild, but a development such as this, where hackers use popular apps to spread their infections, sets a dangerous precedent that cannot be ignored.

You should never install apps from unknown sources in the first place, especially on company devices and smartphones. It’s especially important that you only download apps from reputable sources, like the Apple store and the Google Play store.

After all, “Gotta catch ‘em all,” shouldn’t refer to malware infections.

New High Score for Microsoft: More Than 44% of All...
Tip of the Week: Why You Should Rethink Routinely ...
 

Comments 2

Maria Albert on Tuesday, 26 September 2017 23:37

Occasionally I strive to not concentrate such these kinds of articles and neglect reading like these kinds of post. But really after long time I reached a site which provided me tremendous information as I all the time try to get. Now I can move on towards my pending task of searching elite mobile games development company UK. And absolutely would like to comeback on this soon as soon as getting my project.

Occasionally I strive to not concentrate such these kinds of articles and neglect reading like these kinds of post. But really after long time I reached a site which provided me tremendous information as I all the time try to get. Now I can move on towards my pending task of searching elite [url=https://www.ingic.uk/mobile-games/]mobile games development company UK[/url]. And absolutely would like to comeback on this soon as soon as getting my project.
Cameran Moon on Thursday, 22 November 2018 09:11

Infra core was the heart of IT they told us that if we download a wrong application it will infect our cell phone or computer. If you need to get all information on this you can got through https://www.topratedessayservices.com/ this was the official site that have all the issue along with their solution.

Infra core was the heart of IT they told us that if we download a wrong application it will infect our cell phone or computer. If you need to get all information on this you can got through https://www.topratedessayservices.com/ this was the official site that have all the issue along with their solution.
Already Registered? Login Here
Guest
Friday, January 18 2019

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Google Business computing Network Security Microsoft Data Hosted Solutions Malware Hackers Software User Tips Innovation Backup Internet Tech Term Hardware Business Smartphones Mobile Devices Business Continuity Smartphone Data Backup Email Browser Windows 10 Productivity VoIP Computer Android IT Services Outsourced IT Cloud Computing Disaster Recovery Managed IT Services Small Business Alert Workplace Tips Communications Data Recovery Business Management Ransomware Managed IT Services Computers Miscellaneous Office Artificial Intelligence Efficiency Router Chrome Communication Law Enforcement Cybercrime Windows 10 Network Social Media Internet of Things Office 365 Password Applications Facebook Virtualization Windows How To Telephone Systems Holiday Productivity Money Passwords IT Support Collaboration Cybersecurity Social Engineering Gadgets Wi-Fi Information Spam Google Drive Automation Saving Money Quick Tips Mobile Device Upgrade Work/Life Balance Health Server Word App Microsoft Office Hacking Private Cloud Scam Data Breach BDR Vulnerability Mobility Settings Managed Service Data Protection Mobile Device Management Bring Your Own Device Voice over Internet Protocol Save Money Apps HaaS Two-factor Authentication Phishing Office Tips Keyboard IT Support Data Security Connectivity Remote Monitoring VPN Cleaning Managed Service Provider Flexibility Worker Government Managed IT Human Resources Fraud Access Control Servers Telephony Big Data Google Docs Legal Paperless Office Windows 7 Computer Care Automobile Public Cloud Botnet Comparison BYOD Website CES Data Storage Electronic Medical Records Machine Learning Samsung Bandwidth Data Management Training Virtual Assistant Entertainment End of Support OneNote Content Management IT Management History Redundancy USB Value Firewall Business Intelligence Networking Sports Spam Blocking Marketing Telephone System Avoiding Downtime Blockchain IT Plan Identity Theft Employer-Employee Relationship Software as a Service Update Battery Encryption Operating System Charger Infrastructure PDF Patch Management Unsupported Software Remote Computing Screen Mirroring Two Factor Authentication Workforce Knowledge Document Management Microchip Windows 10s Windows Server 2008 Experience Password Manager Black Market Monitor HBO Risk Management Wireless Charging Devices Cryptocurrency Root Cause Analysis Trending Computing Infrastructure Remote Worker Conferencing Software Tips Hiring/Firing Scalability Social FENG Cast Network Congestion Accountants Search Engine Music Business Mangement Safety Staff Wireless Internet Warranty Outlook Politics Rootkit Cortana Thought Leadership Wireless Safe Mode Transportation Wiring Emails Employer Employee Relationship Amazon Authentication Humor Internet Exlporer HVAC Vendor Skype Books Assessment Telecommuting IT Consultant Files Best Practice Bing Solid State Drive Flash Wearable Technology Gmail Benefits Specifications Data storage Wire Printer Frequently Asked Questions Google Apps Hybrid Cloud Meetings Travel Techology Users Unified Threat Management Computer Accessories Amazon Web Services Nanotechnology Information Technology Enterprise Content Management Display Start Menu Television Remote Work Leadership Practices YouTube Content Help Desk Audit Recovery Recycling MSP Digital Signature Mouse Excel Vendor Management Workers Addiction Apple Search Virtual Reality Mobile Computing IT solutions Physical Security Bluetooth Online Shopping Smart Tech Internet exploMicrosoft Instant Messaging Password Management Security Cameras Tools Emergency Public Computer Save Time Hosted Computing Video Games Audiobook Computer Fan Sync Troubleshooting Loyalty eWaste File Sharing Smart Technology Millennials Current Events Smart Office Administrator Tip of the week Cache iPhone How to Data loss Worker Commute Camera Evernote Advertising NIST Hacker Downtime Multi-Factor Security HIPAA webinar Credit Cards Inventory Relocation User Error Shortcuts The Internet of Things WiFi SaaS Criminal Education Augmented Reality Regulation Printers Smartwatch Twitter Webinar CrashOverride Company Culture Thank You Compliance Managing Stress Congratulations

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

AngusCousens Preventing Identity Theft Should be a Priority, But Do You Know How to Handle It?
27 December 2018
What a good story you have written and I feel good reading about your story and we should share thin...
George Nivison Bring Your Own Device Is Great...When Applied Properly
21 December 2018
If you think you device get slow then try once again for the device sharing speed with the connectin...
Chantale Bass Tip of the Week: How to Use Tabs to Their Full Potential
15 December 2018
Tabs we need to use only with the ways of the potentially uses from the internet use and also for th...
JoseSClark How You Can Get Microsoft Office Certified
14 December 2018
Many users want to get Microsoft Office certified for theirselve and it was a good post for them. Re...
Donna Brock 3 Significant Ways the Cloud Can Grow Your Business
13 December 2018
In every field of life technology have a big name and now technology provide the facility to save yo...