
Some Android users are installing a malicious third-party version of 'Pokémon Go'


"Pokémon Go" is the hot mobile game of the moment. Unfortunately, not everyone can play it. International rollout of the game has been paused while Nintendo and The Pokémon Company work on fixing server capacity.


But that's not stopping people from finding other ways to download versions of the game.

According to security firm Proofpoint, via Motherboard, a version of the app infected with a malicious remote access tool (RAT) called DroidJack is making the rounds. It installs a backdoor granting full control of the Android phone to hackers.

Proofpoint reports the malicious version of the app was released less than 72 hours after the game was released in New Zealand and Australia. It's believed that those waiting for the game to roll out in their countries may be trying to acquire it through other means, putting them at risk of installing the infected app.

"Likely due to the fact that the game had not been officially released globally at the same time, many gamers wishing to access the game before it was released in their region resorted to downloading the APK from third parties," wrote Proofpoint in a blog post.


Do you have this version of the game on your phone?

Probably not. If you downloaded "Pokémon Go" through a legitimate app store, then your game is fine.

To get the malicious app, you need to go out of your way. You need to disable the Android security setting that prevents installation of unknown third-party apps and "side-load" the game onto your phone.

Still, if you want to check to see which version of the game you're playing, Proofpoint has a few tips.


First, you can compare the permissions on your app with those of the legitimate one.

Here's how the permissions should look:

[Screenshot: Pokémon Go permissions, via Proofpoint]

Here's how they look in the compromised app:

[Screenshot via Proofpoint] Record audio? Modify contacts? No thanks.

[Screenshot via Proofpoint] Yeah, this is creepy.

Proofpoint also suggests comparing the two apps' SHA-1 hashes. A hash is a long string of characters that can be used to verify whether a file has been modified.


Via Proofpoint:

The legitimate application that has been often linked to by media outlets has a hash of 8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67, although it is possible that there are updated versions already released. The malicious APK that we analyzed has a SHA256 hash of 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4.
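As an added example (not from Proofpoint or this article), the hash comparison can be done on a computer with a short Python script. The two reference values are the ones quoted above; both are 64 hex characters long, which is the length of a SHA-256 digest, so the script computes SHA-256. The APK path is whatever file you pass on the command line.

```python
import hashlib
import sys

# Reference hashes quoted from Proofpoint in the article above.
KNOWN_LEGITIMATE = "8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67"
KNOWN_MALICIOUS = "15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4"

# Hex digest lengths, used to catch a comparison between different algorithms.
HEX_LEN = {40: "sha1", 64: "sha256"}
HEX_CHARS = set("0123456789abcdef")


def algorithm_for(hex_digest):
    """Infer the hash algorithm from a lowercase hex digest's length."""
    if not hex_digest or not set(hex_digest) <= HEX_CHARS:
        raise ValueError("digest is not a hex string")
    if len(hex_digest) not in HEX_LEN:
        raise ValueError(f"unexpected digest length {len(hex_digest)}")
    return HEX_LEN[len(hex_digest)]


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a large APK is never loaded whole into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def classify(digest):
    """Return 'malicious', 'legitimate' or 'unknown' for a SHA-256 hex digest."""
    digest = digest.strip().lower()
    if algorithm_for(digest) != "sha256":
        raise ValueError("reference values are SHA-256; got a different digest type")
    if digest == KNOWN_MALICIOUS:
        return "malicious"
    if digest == KNOWN_LEGITIMATE:
        return "legitimate"
    # Proofpoint notes newer legitimate builds may exist, so no match is not a verdict.
    return "unknown"


if __name__ == "__main__" and len(sys.argv) == 2:
    d = sha256_file(sys.argv[1])
    print(d, classify(d))
```

An "unknown" result only means the file matches neither quoted hash; it says nothing either way about a newer build.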

You can download "Pokémon Go" for iOS and Android here.
