Wednesday, March 27, 2024

Pokémon Go guide app with half a million downloads hacks Android devices MORE

Protection researchers found a malicious application on Google Play with over 500,000 downloads designed to advantage entirely manipulation Android devices. The software masqueraded as a guide for the popular Pokémon Cross recreation and used multiple obfuscation layers to pass Google Play’s malware detection mechanisms. Researchers from Kaspersky Lab stated in a weblog post. The app carries a malicious module that does not execute without delay. Rather, the app waits for every other application to be installed or uninstalled, which will determine if it’s walking on a real device or in an emulated environment, like the ones used to come across the malware.

How to reply to ransomware threats

Once the app determines that it runs on an actual device, it waits another two hours before executing the malicious module, connecting to a remote server, and sending facts about the tool. The server can coach the module to download exploits for local privilege escalation vulnerabilities found in Android between 2012 and 2015.

Those are referred to as root exploits because they give entry to the best-privileged account on Android,, the basic version. In other words, hit exploitation will result in a complete compromise of the tool.[ALSO ON CSO: Pokemon Go: What security awareness programs should be doing now] Google has released patches for all of these vulnerabilities; however, due to the fragmentation of the Android environment, there are likely many devices accessible that have not received all the updates, Planet Reporter.

This does not imply that the five hundred 000 downloads constitute the wide variety of compromised devices. Android has local safety capabilities like Verify Apps and SafetyNet, which might be specially designed to hit upon and block acknowledged root exploits. Kaspersky recognized over 6,000 successful infections, normally in Russia, India, and Indonesia. “But, since the app is orientated towards English-talking users, people in such geographies, and more, also are probably to have been hit,” the Kaspersky researchers stated.

Related Articles :

The malicious “Guide for Pokémon Moves” app was not the only one within the Google Play keep containing this Trojan module. Kaspersky located other such apps in the shop in one-of-a-kind instances, considering December 2015. Most of the older apps had around 10,000 downloads. However, one known as “Digital Clock” had over 100,000 downloads. Google has done a quite appropriate activity at preserving malware from its respectable app keep during the last few years. Still, as this incident indicates, malicious packages can nonetheless slip thru sometimes.

William M. Alberts
William M. Alberts
Unable to type with boxing gloves on. Professional beer scholar. Problem solver. Extreme pop culture fan. Fixie owner, shiba-inu lover, band member, International Swiss style practitioner and holistic designer. Acting at the intersection of design and mathematics to save the world from bad design. I'm a designer and this is my work.

Related Articles

Latest Articles