As the dust settles following the storm that is the launch of Pokémon Go, it's an ideal time for us as an industry to take stock of all that's happened so far.
Arguably one of the most-hyped and successful app launches in mobile history, Pokémon Go, developed by Niantic Labs, was finally set loose in July 2016.
Niantic anticipated a huge surge in traffic and, in an effort to prevent server overloading, staggered the launch of the app by country. It first rolled out in Australia and New Zealand, followed by the U.S. and other countries over the next few weeks.
The staggered launch may have eased server load, but it had an unintended side effect: opportunistic hackers who also wanted to catch 'em all - all of the unwitting, overenthusiastic victims who tried to sideload the app before it was officially available in their regions.
Sideloading meant users had to get the app from third-party app stores, or install it manually from APKs downloaded from other sources. Neither method goes through Google's review process, which means the APKs can harbour all manner of malicious Trojans or backdoors. And harbour them they did.
Unsuspecting victims catch more than just pocket monsters
Researchers discovered an infected version less than 72 hours after launch. The APK had been modified to include the malicious remote access tool (RAT) DroidJack (also known as SandroRAT), which gives an attacker virtually full control over a victim's phone.
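One check a defender can run on a sideloaded APK before it is allowed anywhere near a corporate device, added here as an illustration and not taken from the article or from Niantic: read the signing certificate out of the APK's v1 signature block and compare its SHA-256 fingerprint with the one the legitimate developer uses. A repackaged build like the one described above has to be re-signed with the attacker's own key, so its fingerprint will not match. The certificate, signature blob and APK below are constructed samples, and the allow-listed fingerprint is a placeholder for the real value an organisation would record.

```python
import hashlib
import io
import zipfile

def tlv_split(buf):
    """Split a DER byte string into (tag, value, raw_tlv) triples."""
    out, i = [], 0
    while i < len(buf):
        start, tag, n = i, buf[i], buf[i + 1]
        i += 2
        if n & 0x80:  # long-form length: the next k bytes hold the length
            k = n & 0x7F
            n = int.from_bytes(buf[i:i + k], "big")
            i += k
        out.append((tag, buf[i:i + n], buf[start:i + n]))
        i += n
    return out

def signer_cert_fingerprint(pkcs7):
    """SHA-256 of the first certificate carried in a PKCS#7 SignedData blob (META-INF/*.RSA)."""
    content_info = tlv_split(pkcs7)[0][1]        # ContentInfo SEQUENCE
    signed_data = tlv_split(content_info)[1][1]  # [0] EXPLICIT -> SignedData SEQUENCE
    fields = tlv_split(tlv_split(signed_data)[0][1])
    certs = next(v for tag, v, _ in fields if tag == 0xA0)  # [0] IMPLICIT certificates
    return hashlib.sha256(tlv_split(certs)[0][2]).hexdigest()

def apk_signer_fingerprint(apk_bytes):
    """v1 (JAR) signer fingerprint of an APK, or None if it carries no signature block."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        blocks = [n for n in z.namelist() if n.startswith("META-INF/")
                  and n.upper().endswith((".RSA", ".DSA", ".EC"))]
        return signer_cert_fingerprint(z.read(blocks[0])) if blocks else None

# --- constructed sample data standing in for a real APK and its signing certificate ---
def der(tag, content):  # short-form lengths are enough for these small samples
    return bytes([tag, len(content)]) + content
def make_pkcs7(cert):
    """Minimal SignedData wrapper around one certificate (digests and signers left empty)."""
    signed = (der(0x02, b"\x01") + der(0x31, b"")                                     # version, digestAlgorithms
              + der(0x30, der(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x07\x01"))         # encapContentInfo: id-data
              + der(0xA0, cert) + der(0x31, b""))                                     # certificates, signerInfos
    return der(0x30, der(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x07\x02") + der(0xA0, der(0x30, signed)))
def make_apk(pkcs7=None):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", b"dex\n035\x00")  # placeholder app code
        if pkcs7 is not None:
            z.writestr("META-INF/CERT.RSA", pkcs7)
    return buf.getvalue()

OFFICIAL_CERT = der(0x30, b"official-developer-cert")   # stand-in for the real X.509 certificate
OFFICIAL_FP = hashlib.sha256(OFFICIAL_CERT).hexdigest()  # placeholder for the allow-listed fingerprint
```

For real APKs, `apksigner verify --print-certs` reports the same certificate SHA-256 digest and also covers the v2/v3 signing block, which this v1-only reader does not.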
There were also privacy concerns with the official iOS version of the app, which asked for full, unfettered access to users' Google accounts. It could theoretically access all your e-mails, documents, photos and search history. The issue was quickly fixed, but there's no denying the risk that was present. Other privacy concerns have led some companies to ban the app completely.
From a security standpoint, it's alarming. End users connect devices they own to the corporate network, and organisations may have no visibility into where those devices have been since they last connected. A device could easily have been infected, and the malware could be trying to find a way past the corporate firewall, deliver a ransomware payload that encrypts the organisation's data, or surreptitiously steal data.
While we put safeguards in place to prevent end users from accessing sites that are known to be loaded with malware, it's difficult to keep pace. Hackers are especially prolific when it comes to finding new and creative ways to distribute malware.