ProofPoint have found in the wild a backdoored version of the popular Pokemon GO Android App that could allow attackers to gain control over victim’s device

The gamers are going crazy for the last Nintendo game Pokemon GO which uses augmented reality , the mobile app is used by players to walk around and collect the popular characters.

The game is viral, players use to spoof their location using VPNs in their quest to catch ’em all. Crooks are trying to exploit the popularity of the game to spread a malicious version of the Pokemon GO app that could infect Android mobile devices and install a backdoor to gain complete control over the victim’s smartphone.

Experts from the security firm Proofpoint discovered a bogus Android application that included the DroidJack remote access tool (RAT). The official Pokemon GO app was first launched in Australia and New Zealand on July 4th, and later on July 6th in the US, but the malicious app was first uploaded to an online malware detection repository on July 7.

“Unfortunately, this is an extremely risky practice and can easily lead users to installing malicious apps on their own mobile devices,” highlights Proofpoint. “Should an individual download an APK from a third party that has been infected with a backdoor, such as the one we discovered, their device would then be compromised.”

The good news is that it is quite easy to check if the version you have downloaded is infected. For example, the malicious Pokemon GO app requests more permissions of the legitimate one.

Another possibility consists in the verification of the app SHA-1 digest, users can match the hash of the downloaded app with the official one associated with the legitimate app.

Gamers you are advised, be careful when downloading software from third-party app stores.

“Bottom line, just because you can get the latest software on your device does not mean that you should,” the security researchers write. “Instead, downloading available applications from legitimate app stores is the best way to avoid compromising your device and the networks it accesses.”

[adrotate banner=”9″]