Augmented reality is a growing trend in the technology industry. Perhaps one of the best-known examples today is the extremely popular mobile app, Pokemon Go. However, hackers have seized the opportunity to infect players who want to “catch ‘em all” with a backdoor called DroidJack - something that certainly won’t help gamers “be the very best.”
The Pokemon series has long been known as one of Nintendo’s most popular gaming franchises. With the release of Pokemon Go, the series has finally made its way to mobile device users. It’s currently ranked as the #1 most downloaded free app on the Apple Store, as well as the Google Play store. The game was such a hit that Nintendo’s stock increased exponentially overnight. The app has over 26 million users worldwide -- more than Tinder, Twitter, Google Maps, and other mobile apps.
However, as they have done with so many extremely popular apps, hackers have exploited the game’s popularity for their own ends. Prior to the app’s release worldwide, many impatient fans downloaded the APK (Android application package) from third-party websites and “side-loaded” it onto their devices. This can only be done by going into Android’s settings and allowing app installation from unknown sources. Normally, this is a red flag for any security-minded mobile device user, as malware is known to infect devices and download apps without the permission of the user; yet, some Pokemon fans just couldn’t wait, and downloaded the APK without thinking of the consequences -- like downloading a backdoor.
Considering how many countries outside the United States, Australia, and New Zealand are still waiting for access to Pokemon Go, many fans have chosen to use the APK to get the app on their device, rather than wait for the official release. One particular source of the APK provides a modified version of Pokemon Go that, upon installation, installs a backdoor that allows remote access to the device and provides full control over the victim’s phone. The infected version of Pokemon Go is so well done and inconspicuous that the user likely won’t know their device has been infected. Security firm Proofpoint suggests it’s entirely possible that, should infected devices connect to your network, networked resources can also be put at risk.
Take a look at the DroidJack-infected app’s permission requests, and see for yourself just how strange they might look.
When downloading any app, it’s crucial that you drive this best practice into the heads of your employees: be sure to pay attention to the permissions required by the apps that you download. For example, there’s no real reason why Pokemon Go would need to make phone calls, edit and send text messages, modify your contacts, and record audio. All of this is just asking for disaster. The exploitation of the APK shows that hackers are taking advantage of wildly popular smartphone apps, and turning them into catalysts to spread their malware and influence.
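One way to turn that permission check into a repeatable step is sketched below. This is an added example, not code from the original article or from Proofpoint. It assumes the listing is in the format printed by `aapt dump permissions <apk>`; the package name, the sample listing and the baseline of what a location-based AR game needs are all constructed for illustration.

```python
import re

# Capabilities the article says a game has no reason to request,
# keyed by the real Android permission names that grant them.
SUSPICIOUS_FOR_GAME = {
    "android.permission.CALL_PHONE": "make phone calls",
    "android.permission.SEND_SMS": "send text messages",
    "android.permission.WRITE_SMS": "edit text messages",
    "android.permission.WRITE_CONTACTS": "modify contacts",
    "android.permission.RECORD_AUDIO": "record audio",
}

# Assumption: what an AR, location-based game plausibly needs.
EXPECTED_BASELINE = {
    "android.permission.INTERNET",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.CAMERA",
}

# Accepts both the older (bare name) and newer (name='...') aapt line formats.
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=')?([\w.]+)'?", re.M)

def parse_permissions(listing):
    """Return the sorted, de-duplicated permissions named in the listing."""
    return sorted(set(PERM_RE.findall(listing)))

def audit(listing, baseline=EXPECTED_BASELINE):
    """Split requested permissions into flagged (named in the article)
    and unexpected (outside the baseline, worth a manual look)."""
    requested = parse_permissions(listing)
    flagged = {p: SUSPICIOUS_FOR_GAME[p] for p in requested if p in SUSPICIOUS_FOR_GAME}
    unexpected = [p for p in requested if p not in baseline and p not in flagged]
    return {"requested": requested, "flagged": flagged, "unexpected": unexpected}

# Constructed sample listing; not taken from any real APK.
SAMPLE = """\
package: com.example.game
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.CALL_PHONE'
uses-permission: name='android.permission.SEND_SMS'
uses-permission: name='android.permission.WRITE_CONTACTS'
uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: android.permission.READ_PHONE_STATE
"""

if __name__ == "__main__":
    report = audit(SAMPLE)
    for perm, capability in report["flagged"].items():
        print(f"FLAG   {perm}: lets the app {capability}")
    for perm in report["unexpected"]:
        print(f"REVIEW {perm}: not in the expected baseline")
```
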
There are two lessons to be learned: Don’t download apps from unknown sources, even if they’re just games; and make sure that your employees know your policy on mobile apps on your in-house network. Also, be sure to examine a new app’s permissions, and only download apps from the Apple store or Google Play store. Among your millennial workforce, there may be many users of Pokemon Go, so it’s your responsibility to reach out to them, and educate them on these best practices.