Slashdot Mirror


Infected Pokemon GO APK Carries Dangerous Android Backdoor

An anonymous reader writes: Users eager to get their hands on the new Nintendo mobile gaming app Pokemon GO who download unofficial copies of the game are opening themselves up to hackers who are circulating malicious versions of the Android APK. A remote access tool (RAT), known as DroidJack (or SandroRAT), has been added to some APK files, allowing third parties to gain full control over the users' mobile devices. Permissions granted to the dodgy app include: directly calling phone numbers, reading phone status and identities, editing and reading text messages, sending SMS messages and recording audio. The problem is that Pokemon Go is not officially available in every region, and the Google Play Store doesn't let people in an unsupported region download the app. Also, millions of smartphones and tablets don't support many Google Mobile Services (GMS). While we do not condone downloading installation files of Android apps and games from unofficial stores, APKMirror is one of the few places that we would suggest our readers check, as it has a very commendable track record.

4 of 110 comments

  1. We already know by Anonymous Coward · · Score: 4, Funny

    That apk and his infected host file is dangerous

  2. Re:Shocker! by tripleevenfall · · Score: 4, Funny

    My first capture as MaliciousAPK, which I evolved into BotnetDevice and IdentityTheft! It's -10 defense, but gives me 16 additional WalledGardenTaunt per turn when facing an iOS opponent!

  3. Re:GOOD by __aaclcg7560 · · Score: 4, Funny

    lemmings was on everything.

    Until they fell off and died a horrible death.

  4. I'm in Canada and using an APK file by iONiUM · · Score: 4, Interesting

    I downloaded the APK from apkmirror which I trust: http://www.apkmirror.com/apk/n....

    Furthermore, I'm running Android Marshmallow and it allows you to grant or deny specific privileges to each app. This app asked for 4 permissions: contact list, camera, location and storage. This is how you know it's "authentic".

    If it's asking for more than that (i.e. microphone), you've got a malware-ridden copy.
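
Added example, not part of the original story or comments: a Python check that compares the permissions an APK requests with the four groups the last comment lists and reports anything outside them, such as the microphone, SMS and phone access the story attributes to the trojanized copies. The group table, the mapping from the story's wording to Android permission names, and the sample `aapt dump permissions` output are assumptions constructed for illustration.

```python
import re

# Partial Android 6.0 runtime permission groups (assumed mapping, not exhaustive).
GROUPS = {
    "CONTACTS": {"READ_CONTACTS", "WRITE_CONTACTS", "GET_ACCOUNTS"},
    "CAMERA": {"CAMERA"},
    "LOCATION": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "STORAGE": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
    "PHONE": {"READ_PHONE_STATE", "CALL_PHONE"},
    "SMS": {"SEND_SMS", "RECEIVE_SMS", "READ_SMS", "WRITE_SMS"},
    "MICROPHONE": {"RECORD_AUDIO"},
}
# Baseline from the comment: contact list, camera, location and storage.
EXPECTED_GROUPS = {"CONTACTS", "CAMERA", "LOCATION", "STORAGE"}
PREFIX = "android.permission."
# Accepts both aapt styles: "uses-permission: X" and "uses-permission: name='X'".
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=')?([\w.]+)")

def requested_permissions(aapt_output):
    """Return the set of permission names listed in `aapt dump permissions` text."""
    matches = (PERM_RE.match(line.strip()) for line in aapt_output.splitlines())
    return {m.group(1) for m in matches if m}

def unexpected_groups(aapt_output, expected=EXPECTED_GROUPS):
    """Map each permission group outside `expected` to the permissions in it."""
    found = {}
    for perm in requested_permissions(aapt_output):
        if not perm.startswith(PREFIX):
            continue  # app-defined permissions are not platform groups
        for group, members in GROUPS.items():
            if perm[len(PREFIX):] in members and group not in expected:
                found.setdefault(group, []).append(perm)
    return {group: sorted(perms) for group, perms in sorted(found.items())}

# Constructed sample output (hypothetical package, not a real APK).
SAMPLE = """\
package: com.example.game
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE'
uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: name='android.permission.SEND_SMS'
uses-permission: android.permission.CALL_PHONE
"""

if __name__ == "__main__":
    for group, perms in unexpected_groups(SAMPLE).items():
        print(f"unexpected {group}: {', '.join(perms)}")
```

Feed it the text printed by `aapt dump permissions <file.apk>`. An empty result only means no extra permission groups were requested; it does not show that the APK is unmodified.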