Researchers have discovered that a malicious app is mirroring the #1 app in the iTunes store claiming to be Pokemon Go but may actually contain a malicious remote access tool called DroidJack. In a phased release, Pokemon Go is being made available to players across the world. However many gamers want early access and have bypassed country locks to get to the new app. However, they may be propositioned by a fake Android app that once downloaded actually takes full control of the victim’s phone. Tim Erlin, Senior Director of IT Security and Risk Strategy for Tripwire commented below.
Tim Erlin, Senior Director of IT Security and Risk Strategy at Tripwire:
“When it comes to malware, you really don’t want to catch ’em all.” Tim says, “Cybercriminals are after any angle that helps them gain a foothold on your devices. A popular app that’s not available in some places is a near-perfect target for crafting a malware delivery strategy. People have proven time and time again that they’ll click recklessly to get access to new, prohibited or early-release software. Attackers have proven time and time again that they’ll find a way to infect that software.” Tim warns, “Installing software from third-party markets and unknown sources increases your risk of malware. Period.”