Fake Pokemon Go App On Google Play Infects Phones With Screenlocker (arstechnica.com)

← Back to Stories (view on slashdot.org)

Fake Pokemon Go App On Google Play Infects Phones With Screenlocker (arstechnica.com)

Posted by msmash on Friday July 15, 2016 @10:00AM from the rogue-android-apps dept.

Everytime an app gets insanely popular, vicious minds try to capitalize on the momentum -- and history suggests, Android is their most-targetted platform. So it wasn't really a big surprise when security researchers at Eset announced on Friday that at least three fake, possibly malicious Pokemon Go app have made it to Google Play, Android's marquee app store. From an Ars Technica report: Of the three, the one titled "Pokemon Go Ultimate" posed the biggest threat because it deliberately locks the screen of devices immediately after being installed. In many cases, restarting an infected phone isn't enough to unlock the screen. Infected phones can ultimately be unlocked either by removing the battery or by using the Android Device Manager. Once the screen has been unlocked and the device has restarted, the app -- which by now has the title PI Network --is removed from the device's app menu. Still, it continues to run in the background and surreptitiously clicks on ads in an attempt to generate revenue for its creators. Eset discovered two other fake Pokemon Go apps inhabiting Google Play, one named "Guide & Cheats for Pokemon Go" and the other "Install Pokemongo." Both deliver ads carrying fraudulent, scary-sounding messages that are designed to trick users into buying expensive, unnecessary services. One such message claims the device is infected with malware and prompts the user to spend money to get the malicious apps removed.

48 comments

Min score:

Reason:

Sort:

Re:Pokemon GO should cease by sexconker · 2016-07-15 10:19 · Score: 1

You just want to catch them ll for yourself. I bet you're a salty Mystic player!
Re:Pokemongo only pawn in game of life by Howitzer86 · 2016-07-15 10:25 · Score: 1

Pokey Mongo.
Darwin Calling by Anonymous Coward · 2016-07-15 10:29 · Score: 0

Them nasty little pokemons have evolved to post app traps to the play store in order to protect themselves from capture!
Google drops the ball...again by Anonymous Coward · 2016-07-15 10:30 · Score: 4, Interesting

Android is a security disaster.
People pretend that only those that run rooted phones and install things from untrusted sources are at risk. Once again we are shown that it doesn't matter wethet you install from the play store or not. The Android ecosystem is just full of holes.
My question is when will Google be held liable for this trainwreck? There are specific requirements that have to be met to be able to submit an app to the play store. The apps are (supposedly) verified before being accepted. Google even reserves the right to ban certain types of apps from the store or to remotely remove them from users devices (fun fact: Google Play Services allows Google to remotely administer your device. And it runs as root, because, why not?).
We can't keep letting Google get away with this. We can't keep pretending that Google isn't liable.
1. Re: Google drops the ball...again by Anonymous Coward · 2016-07-15 10:44 · Score: 0
  
  Yep. Google is probably one of the worst companies around today. I can't think of any other causing more damage to society. I don't think the US will do anything about it though. Hopefully it will get picket apart in the EU soon.
2. Re:Google drops the ball...again by stephanruby · 2016-07-15 10:54 · Score: 2
  
  The apps are (supposedly) verified before being accepted.
  No, no doubt Google scans for existing threats when developers upload their apps, but Google makes no such promise about having verified apps on their store. You must be confusing Google with Apple.
  
  We can't keep pretending that Google isn't liable.
  Liable for what? What damage has been done? Booting into recovery mode is just one google search away. Also, Google can remotely uninstall malicious apps.
  Not only that, but users can flag and downrate such apps immediately. The system is such that apps with low ratings lose visibility in their search results. And no one in their right mind will download an app with one star ratings anyway (unless they're a journalist in search of a click-bait story).
3. Re: Google drops the ball...again by Anonymous Coward · 2016-07-15 11:00 · Score: 0
  
  Google is probably one of the worst companies around today. I can't think of any other causing more damage to society.
  Really? Let's try an easy comparison...
  Tobacco companies are contributing to about 6 million deaths per year and trillions in direct medical costs ($170 billion per year in the US alone).
  And you think Google not policing its app store diligently enough is somehow causing more damage to society?
4. Re: Google drops the ball...again by pr0fessor · 2016-07-15 12:01 · Score: 1
  
  and imagine how crowded it would be in just a couple decades without that control of population and of course doctors would have to sleep in beds instead of on piles of cash
5. Re:Google drops the ball...again by macs4all · 2016-07-15 12:07 · Score: 0
  
  No, no doubt Google scans for existing threats when developers upload their apps, but Google makes no such promise about having verified apps on their store. You must be confusing Google with Apple.
  1. Google CANNOT be THAT incompetent. They simply aren't "scanning" squat.
  2. Apple is smart enough to not GUARANTEE no Malware. But their track record undeniably points out that whatever they are doing as far as App Approval is FAR, FAR, FAR superior to what Google is doing.
6. Re:Google drops the ball...again by No+Longer+an+AC · 2016-07-15 14:07 · Score: 1
  
  Android is a security disaster.
  As an android user, I'm very aware of this. That's why I use my phone primarily as a phone and sometimes a GPS navigation device. If it were lost or stolen my banking and credit card information would not be compromised. The most sensitive information that would be exposed would be my contacts and a few text messages. There aren't even any interesting photos on it. I have an actual camera for that.
  But a couple days ago I was kind of curious about this Pokemon Go thing and I almost installed it until I reviewed what it wanted access to which appeared to be just about everything. I understand that it needs some permissions which I find sensitive (location, camera, network) but why would it need access to my contacts? And it also stated that automatic updates to it may be given even more permissions.
  And am I wrong, or does Android not have the concept of file permissions? Obviously some apps need to read and write files, but is there any reason my Pokemon app needs to be able to read the files saved by some other app?
  I get the impression that a lot of people say "Who cares if they can read your contacts? Every app does that! They aren't really doing anything with it." But if they weren't doing anything with it, why do they go to the trouble of getting permission to do so?
  I'm actually tempted to get a burner phone just so I can go wild in the app store and not have to worry about my privacy.
7. Re: Google drops the ball...again by Anonymous Coward · 2016-07-15 19:17 · Score: 0
  
  To address point #2, they have also banned and held hostage apps.
  Most recently was a radio app that even after recomplying with the store policy that Apl must gouge the user because reasons if there is payment made available in app. They removed the sign up / payment in app completely with no indication of external payment methods like Amazon does.
  I, for one, would rather use my brain to decide myself. It's pretty easy to determine which are scam apps (you know, apps that request permissions like Start on boot that have no reason to)... plus Google's auto removal of apps.
  Those apps in the article are already gone from the play store and people's devices, and any other software using that same is now banned.
8. Re: Google drops the ball...again by Anonymous Coward · 2016-07-15 19:26 · Score: 0
  
  You know PGo is a Social game right? Requesting contacts is a no brainer for these types of games.
  Also, hahahahahaha security disaster. All of APLs malware that have been reported and booted off save the massive Dev kit disaster was Self Reported by security researchers trying to prove a point (or was a secret feature like a tethering flashlight - I still consider it malware since it was not allowed). Nobody can analyze any of the apps on the App store (you will have a hard time decompiling the executable, even assuming you could access it). Security through obscurity always works right?
  Thankfully, it's much easier to get many eyes on Android, so overtly evil things like this are caught fast and removed from existence.
9. Re: Google drops the ball...again by macs4all · 2016-07-15 20:20 · Score: 1
  
  Most recently was a radio app that even after recomplying with the store policy that Apl must gouge the user because reasons if there is payment made available in app. They removed the sign up / payment in app completely with no indication of external payment methods like Amazon does.
  I assume you are referring to the recent Spotify App?
  
  This /. Comment sums up the real reason Spotify is wanting preferential treatment.
10. Re:Google drops the ball...again by Anonymous Coward · 2016-07-16 01:50 · Score: 0
  
  I'm not letting Google get away with anything, personally.
  I tried the iPhone. It was OK, but at the time it was AT&T-exclusive and I got sick of them. So I switched...
  To Windows Mobile 6. Ugh. Bad move. Everyone knows why. But the phone had a hardware keyboard, so I wanted it. The iPhone's keyboard was so tiny and this seemed better. The phone was plenty speedy, though. It never really bogged down like the iPhone did. But eventually, I switched again...
  To Android. It was "just like" the iPhone, but with more "freedom". I only ever bought one app for the iPhone, and bought exactly zero for Android because I didn't trust Google with my credit card info. They wanted to keep it on file, and I wanted them to forget it and make me re-enter it every time I purchased something. So screw them. Eventually, that phone was no longer supported and fell so far behind on updates... it was maxed out at 4.3 when 6 was being released. So I switched...
  To a Windows 10 Mobile phone. So here we have a system that's every bit as nice as Apple's, every bit as free as Google's, and every bit as speedy as old WM6 was. It just doesn't have as many junky apps as the others. And now, I'm protected from fake (and real) Pokemon Go apps. It's super effective!
  So, yeah, Google is going to have to do something crazy to get me to bother with Android ever again. They've not been let off the hook for their shoddy ways.
11. Re:Google drops the ball...again by antdude · 2016-07-16 07:02 · Score: 1
  
  Apple's app stores can be the same too. Once in a while, bad apps get published. :(
  
  --
  Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
12. Re: Google drops the ball...again by Anonymous Coward · 2016-07-16 13:38 · Score: 0
  
  Running a rooted phone is far less risky. People with rooted phones can update the os with security patches from google. They can also install security software that actually works plus they can image their device and restore it any time they want.
  Lastly people who root generally dont install obviously fake software. I dont install anything brand new or under 50k downloads and when I do install something it can't do anything... At all until I give it permission to do so.
13. Re:Google drops the ball...again by Rexdude · 2016-07-17 17:21 · Score: 1
  
  If you're dumb enough to download an app from a dodgy unverified publisher, or without reading reviews, sure, blaming Google is the sane response here. ISPs are also responsible for the content they provide access to, I presume?
  
  --
  "..One hosts to look them up, one DNS to find them, and in the darkness BIND them."
14. Re:Google drops the ball...again by Sloppy · 2016-07-18 02:32 · Score: 1
  
  I think it just points out that the idea of a central repository doesn't make sense with proprietary software. I basically trust the Debian repo (or OpenBSD ports, etc) because there's at least a chance that someone checked the software out to see if it's intended to work for the users instead of someone else.
  With the bullshit repos from Google, Apple, etc you know they aren't auditing the software, due to one really simply fact: they can't audit it. Binaries are submitted, not source. So whatever "vetting" happens, you damn well know it's not intended to be the in users' interest. At best, all users have going for them is that sometimes a barn door will get closed after the horses get out.
  If you're going to run proprietary software, there's no point in using a store. You might as well just get it from the makers themselves.
  
  --
  As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Build a better Mousetrap by Marxist+Hacker+42 · 2016-07-15 10:41 · Score: 1

And better mice will beat a path to your doorstep.

--
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
way to go, google. by Anonymous Coward · 2016-07-15 10:56 · Score: 0

you don't have a filter to prevent anything with "pokemon" (or any other 'trending' keyword) from getting auto-listed. what the fuck?
Re: Pokemon GO should cease by Anonymous Coward · 2016-07-15 10:58 · Score: 0

Don't worry, once the novelty wears off and everyone realizes that there's absolutely no depth to the game, it'll die. Right now it's the stupid media hype (like, say, this story) that's keeping people playing.
Once players realize this is nothing like an actual Pokemon game, it'll fade into obscurity. You can't even level up your pokemon, instead you basically crush ones you've caught into more powerful variants.
It's dumb, shallow, and boring. It won't last.
gps and Pokemongo meta-data by Anonymous Coward · 2016-07-15 11:00 · Score: 0

Famous last words (japanese political saboteur laughing at gullible American child)...
"Hey mister, there is a hypno and a jynx inside your Free Candy van, can I?"
"C'mon dude look at all those pokemon on San Nicholas Island and Camp Pendleton! Here comes one now flying beside that F16! In that smoldering crater!"
"Do i need to buy a side of rice before you let me in to battle Ratatta and Hitmonchan in your restaurant back alley?"
"There is a dungeon pokemon calling from underneath your driveway, do you have a access door so i can get nearer?"
"Exotic Misty Pokemon Besteliaty?"
"Nurse Jenny lesbian acts"
say what you will, iOS is more grandmother safe by Anonymous Coward · 2016-07-15 11:09 · Score: 1

Apple seems to do a MUCH better job of policing their app store than Google, which makes iPhones a far better bet for non-techies like my grandma (and yes she does have an iPhone). I know someone will come along and point out some obscure case of malware making it into Apple's store but for every one of those there are thousands that make it into the Android store. It's way, way lopsided.
Google needs to up their game. Badly.
1. Re:say what you will, iOS is more grandmother safe by macs4all · 2016-07-15 12:20 · Score: 1
  
  Apple seems to do a MUCH better job of policing their app store than Google, which makes iPhones a far better bet for non-techies like my grandma (and yes she does have an iPhone). I know someone will come along and point out some obscure case of malware making it into Apple's store but for every one of those there are thousands that make it into the Android store. It's way, way lopsided.
  Google needs to up their game. Badly.
  You are only partially-right. You don't have to be a "non-techie" to appreciate the advantages of Apple's App Approval process and iOS Security Model. In fact, if you ARE technical, you can actually understand and appreciate how well considered, well designed, and well executed these things are by Apple.
  
  But the simple fact is, Google considers Android just another one of their Data Mining Opportunities; so it devotes precious little resources to actually FIXING the GOOGOLPLEX of very serious problems with the entire Android platform.
2. Re:say what you will, iOS is more grandmother safe by Ol+Olsoc · 2016-07-15 13:45 · Score: 1
  
  You are only partially-right. You don't have to be a "non-techie" to appreciate the advantages of Apple's App Approval process and iOS Security Model. In fact, if you ARE technical, you can actually understand and appreciate how well considered, well designed, and well executed these things are by Apple.
  Because some of us technically adroit people don't want our damn phones to be the center of our technical lives. I have an iPhone for the reasons you do, because I want my phone to just work.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
3. Re:say what you will, iOS is more grandmother safe by macs4all · 2016-07-15 15:12 · Score: 1
  
  I have an iPhone for the reasons you do, because I want my phone to just work.
  Reclamation! Joy before the angels of God! The point is that it works.
  
  Say it, Brother Sir.
Re:Pokemongo only pawn in game of life by Anonymous Coward · 2016-07-15 11:23 · Score: 0

It's webscale.
Re: Pokemon GO should cease by SpankiMonki · 2016-07-15 11:37 · Score: 1

It's dumb, shallow, and boring. It won't last.
That's what I said about Starbucks.
Re:ABUSIVE MODERATION by Anonymous Coward · 2016-07-15 11:41 · Score: 0

Trump will fix it
Already gone by wbr1 · 2016-07-15 11:52 · Score: 2

Not showing up in store when I search. Looks like the system is working to me.

--
Silence is a state of mime.
1. Re:Already gone by macs4all · 2016-07-15 12:12 · Score: 1
  
  Not showing up in store when I search. Looks like the system is working to me.
  Wrong!
  
  If the "system" was working, these not one, not two, but THREE Malware-infested Apps would have NEVER BEEN APPROVED.
  
  That is, unless you are talking about the "media damage control" "system". If so, you're absolutely right...
2. Re:Already gone by Anonymous Coward · 2016-07-15 13:05 · Score: 0
  
  How exactly did an app, that locks your screen, get approved? Are they running the app at least once, before approving or just blanket, careless approval?
3. Re:Already gone by Anonymous Coward · 2016-07-15 13:42 · Score: 0
  
  Macs 4 no one! Stupid ass, cocksucking Steve Jobs lover. Go fuck yourself. You have no interest in helping anyone here except Apple stockholders, you disgusting shill.
4. Re:Already gone by macs4all · 2016-07-15 14:51 · Score: 1
  
  Macs 4 no one! Stupid ass, cocksucking Steve Jobs lover. Go fuck yourself. You have no interest in helping anyone here except Apple stockholders, you disgusting shill.
  Sounds like some poor Linux Fanboi is mighty Butthurt to me...
5. Re:Already gone by Anonymous Coward · 2016-07-15 14:53 · Score: 0
  
  Macs 4 no one! Stupid ass, cocksucking Steve Jobs lover. Go fuck yourself. You have no interest in helping anyone here except Apple stockholders, you disgusting shill.
  And who exactly are you helping?
6. Re:Already gone by wbr1 · 2016-07-15 15:18 · Score: 2
  
  It is working. The fact that there is more freedom in the google play store, and even freedom to sideload is to me a fair trade for occasional malware. The fact that normally it is gone quickly means it is working.
  
  --
  Silence is a state of mime.
7. Re:Already gone by macs4all · 2016-07-15 16:36 · Score: 1
  
  It is working. The fact that there is more freedom in the google play store, and even freedom to sideload is to me a fair trade for occasional malware. The fact that normally it is gone quickly means it is working.
  It's a fucking PHONE! Grow up.
8. Re:Already gone by Anonymous Coward · 2016-07-18 07:37 · Score: 0
  
  Looks like the system is working to me.
  Crossing the street without looking, but then not getting hit by a car due to random good luck, isn't what we normally think of as "working for me." If this PC were on a desk instead of handheld, I think most Slashdotters wouldn't tolerate having occasional malware in their repo, even if they don't bother installing it. They would dump that distro in a heartbeat.
  The tragedy of Android is that after all these years, there still isn't anywhere else to go. Android's only saving grace is that it's better than iOS (because you're allowed to use your computer however you see fit, instead of being like a "my way or the highway" videogame console system). That's necessary, sure, but it's a damn low bar and I'll be happy to leave the platform when something nicer finally comes along.
  Anytime there's news about a new mobile OS, fuckwits come out of the woodwork saying it's too late, the market is full, yadda yadda. It's hilarious. To me, these idiots sound like they're bragging about how neat-o CP/M or MS-DOS are, when techies are trying to make the next Lisa, ST, Amiga, etc.
ages 5 and up on slashdot now? by Anonymous Coward · 2016-07-15 12:16 · Score: 0

Poll idea: How many times in 3 days has Slashdot deemed their audience curious about Pokemon Go stories.
[ ] 1
[ ] 2-5
[ ] 6-20
1. Re:ages 5 and up on slashdot now? by Anonymous Coward · 2016-07-15 12:19 · Score: 0
  
  CIA distraction technique. If you see a Pokemon Go story... skip it and read the previous 10 stories most recent comments.
  Anybody that into Pokemon Go would already have their sites bookmarked. It is not news after 10 times in 3 days.
2. Re:ages 5 and up on slashdot now? by Anonymous Coward · 2016-07-15 13:11 · Score: 0
  
  PokemonGo is Google Glass version 2.0, the same old spyware crap wine repackaged in new bottle ... and superhyped. Why is /. running daily stories about a lame mobile game?
Re: Pokemon GO should cease by Ol+Olsoc · 2016-07-15 13:36 · Score: 1

It's dumb, shallow, and boring. It won't last.
That's what I said about Starbucks.
So it tastes like burnt mud too?

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Re:ABUSIVE MODERATION by Ol+Olsoc · 2016-07-15 13:42 · Score: 1

Trump will fix it
People have been saying this ia s crime, I'm certain . I'll make sure that Anonymous Cowards will be modded so high that theiy'll get tired of being so insightful. I'll build a Slashdot with the Cowards at the top, and make the moderators pay for it. Oh yeah, I can tell you that.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Re: say what you will, iOS is more grandmother saf by Anonymous Coward · 2016-07-15 19:35 · Score: 0

Ironically, as I watch a non rooted i device struggle to get on PGo (he tried for like 5 hours) while myself and 5 other Android users have fun catching Pokemon.
You guys enjoy being gouged and censored unnecessarily.
My entire non techie extended family are intelligent enough to question and snood this really shady non Nintendo Pokemon Go shit that's clearly not legit while you guys desperately try to justify being gouged with a 30% tax.
Re:Pokemon GO should cease by Anonymous Coward · 2016-07-18 02:23 · Score: 0

Ford, Toyota, Mercedes General Motors et al should cease, too, now that "for the good of everyone" has suddenly become a not-obviously-bullshit reason.