Unofficial Pokemon GO app found with DroidJack Trojan

Pokemon GO is a great app if you live in one of the countries where it has been officially released. If not, then you most likely resorted to downloading one of those wild .APKs spotted on various hosting sites. Security researchers have warned that such apps, which are not on the official app stores of Google and Apple, could also come with malware.

Now, Nokia has confirmed these fears, saying an app was found, looking identical to the Pokemon GO app, but which also comes with the 'DroidJack' Trojan.

It allows the attackers to track a bunch of phone’s parameters. It does look exactly like the game, it will ‘just’, upon installation, ask for these permissions:

  • Access your contacts
  • Manage and make phone calls
  • Take pictures and record video
  • Access the device’s location
  • Access photos, media and files
  • Record audio
  • Send and view SMS messages

Nokia says most antivirus apps will trigger when this app is installed, so it would be a good choice to get one. Also, an educated and aware user will notice that the app asks for too many permissions, which will most likely raise a few eyebrows.

For the consumer, the following rules will keep them safe:

  • Don’t download games or apps from untrusted third-party sites
  • Install anti-virus software on your mobile phone
  • Don’t grant games or apps permissions they obviously don’t need

Image source: Zanariah Salam / Shutterstock.com