Pokémon Go screenshots via Polygon

A malicious version of Pokémon Go is infecting Android phones

Here's how to tell if yours is legit.

KIRSTEN ACUNA, TECH INSIDER
10 JUL 2016
 

Pokémon Go is the hot mobile game of the moment. Unfortunately, not everyone can play it. International rollout of the game has been paused while Nintendo and The Pokémon Company work on fixing server capacity.

But that's not stopping people from finding other ways to download versions of the game.

 

According to security firm Proofpoint, via Motherboard, a version of the app infected with a malicious remote access tool (RAT) called DroidJack is making the rounds. It installs a backdoor granting full control of the Android phone to hackers.

Proofpoint reports the malicious version of the app was released less than 72 hours after the game was released in New Zealand and Australia. It's believed that those waiting for the game to roll out in their countries may be trying to acquire the game through other means, which puts them at risk of installing the infected app.

"Likely due to the fact that the game had not been officially released globally at the same time, many gamers wishing to access the game before it was released in their region resorted to downloading the APK from third parties," wrote Proofpoint in a blog post.

Do you have this version of the game on your phone?

Probably not. If you downloaded Pokémon Go through a legitimate app store then your game is fine.

To get the malicious app, you need to go out of your way. You need to disable the Android security setting that prevents installation of unknown third-party apps and 'side-load' the game onto your phone.

 

Still, if you want to check to see which version of the game you're playing, Proofpoint has a few tips.

First, you can compare the permissions on your app with those of the legitimate one.

Here's how the permissions should look:

[Image: Pokémon Go permissions]

Here's how they look in the compromised app:

[Images: permissions of the compromised app, fig. 2 and fig. 3]

Proofpoint also suggests comparing the two apps' SHA-1 hashes. A hash is a long string of characters that can be used to verify whether a file has been modified.

Via Proofpoint:

"The legitimate application that has been often linked to by media outlets has a hash of 8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67, although it is possible that there are updated versions already released. The malicious APK that we analysed has a SHA256 hash of 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4."

You can download Pokémon Go for iOS and Android here
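The hash comparison Proofpoint describes above can be done on a computer against a copy of the APK file. The following is an added example, not code from the article or from Proofpoint: the two constants are the values quoted above (both are 64 hexadecimal characters long, which is the length of a SHA-256 digest), and the function names are hypothetical.

```python
import hashlib
import os
import tempfile

# Digests quoted from Proofpoint in the article above (64 hex chars = SHA-256).
KNOWN_LEGITIMATE = "8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67"
KNOWN_MALICIOUS = "15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4"


def sha256_of_file(path, chunk_size=1 << 20):
    """Stream the file so a large APK is never loaded into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def classify_digest(hex_digest):
    """Map a digest to a verdict; anything unlisted is 'unknown', not 'safe'."""
    normalized = hex_digest.strip().lower()
    if len(normalized) != 64 or any(c not in "0123456789abcdef" for c in normalized):
        raise ValueError("not a SHA-256 hex digest (expected 64 hex characters)")
    if normalized == KNOWN_MALICIOUS:
        return "malicious"
    if normalized == KNOWN_LEGITIMATE:
        return "legitimate"
    # Proofpoint notes that updated legitimate versions may exist, so a miss
    # against both values proves nothing either way.
    return "unknown"


def check_apk(path):
    """Hash the file at `path` and return (digest, verdict)."""
    digest = sha256_of_file(path)
    return digest, classify_digest(digest)


if __name__ == "__main__":
    # Constructed stand-in file: these bytes are not a real APK.
    with tempfile.NamedTemporaryFile(delete=False, suffix=".apk") as tmp:
        tmp.write(b"constructed sample bytes, not a real APK")
    try:
        print(check_apk(tmp.name))
    finally:
        os.remove(tmp.name)
```

An "unknown" verdict only means the file matches neither quoted value; a 40-character SHA-1 digest is rejected because it cannot be compared with these 64-character values.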

This article was originally published by Tech Insider.
