Pokémon Go was recently released on Android and iOS in certain countries and has become a smash hit. Naturally, opportunistic cybercriminals are hoping to take advantage of this craze.
IT security firm Proofpoint caught cybercriminals attempting to distribute an infected version of the Pokémon Go Android app. This version features a remote access tool (RAT) called DroidJack or SandroRAT that enables someone to take full control of an infected device.
This is a significant threat because Pokémon Go isn’t available in many countries, which is prompting people to download apps from uncertified sites without checking their authenticity.
“Bottom line, just because you can get the latest software on your device does not mean that you should,” Proofpoint wrote. “Instead, downloading available applications from legitimate app stores is the best way to avoid compromising your device and the networks it accesses.”
Proofpoint has offered ways to identify if you have installed a malicious version of the app on its site.