NEW DELHI: Nintendo's all-new augmented reality (AR) game Pokemon GO is a huge hit. So much so that it has crumbled developer Niantic's servers.
The game is officially available in US, Australia and New Zealand, while fans in other parts of the world have been downloading and installing apk files to play the game.
As it turns out, some of the apk files are now reported to have been infected with malware, giving hackers backdoor entry into users' smartphones.
Some of the third-party apk file hosting websites are said to be packaging the Pokemon GO apk files with malware termed DroidJack or SandroRAT that gives hackers control of the smartphone, claims the Proofpoint researchers. Proofpoint researchers are said to have discovered the exploit.
In case you too have manually downloaded Pokemon GO's apk file and wondering if your's too is infected one, follow these steps to find out:
* You can check the SHA256 hash of the Pokemon GO apk file. As per Proofpoint, the apk version is probably hacked if it shows a hash of15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4.
* It is also possible to check the legitimacy of the apk by comparing the permissions screen that show up before starting the video game with those seen in the handset's Settings > Apps > Pokemon GO > Permissions.
We would recommend users to install the files from official app stores or apk websites only. Installing the malicious app version allows hackers to record audio and edit, read, receive and send text messages. The malware app also has the capability to modify the contacts saved in the smartphone and read call logs, contacts, bookmarks and history.
Niantic has temporarily halted the global rollout of the video game.
Original Post By:
Robin Sinha, TOI Tech | Jul 11, 2016, 04.16PM IST
No comments:
Post a Comment