Skip to main content

Did You Install This Malicious Pokémon Go App?

People all over have been trying to enjoy the new Pokémon Go app, which released this week to so much fanfare that it’s experiencing massive server overload. The hype was so real that people were passing around APK files so that people outside the countries where it’s available could side-load it on Android, something We saw in my own friend groups.

Security firm Proofpoint is now cautioning those who couldn’t wait for an official app store release, saying that one specific APK was modified to install a backdoor called DroidJack. The app is different form the official version, but is close enough to fool anyone who may have picked it up.

The firm discovered the infected Android version of the app less than 72 hours after the game was released in New Zealand and Australia on July 4.
Proofpoint highlights some ways to tell if this particular version has been installed. For example, in the list of permissions (which you can access by going to your Settings, then Apps, and finding Pokémon Go), you’ll see some that aren’t typical of apps that let you catch creatures in augmented reality: 

The firm also noted that going deep into the game’s files highlights some fake starter classes (including one called net.droidjack.server).
Proofpoint has a full list of warning signs over at the blog.

Downloading an app from a third party doesn’t necessarily mean that you’ll be infected with a virus, but it certainly ups the risk. The fact that the game is being slowly rolled out around the globe is only increasing the chances of someone getting infected with DroidJack.

“Bottom line, just because you can get the latest software on your device does not mean that you should,” the company wrote. “Instead, downloading available applications from legitimate app stores is the best way to avoid compromising your device and the networks it accesses.”

Comments

Post a Comment

Popular posts from this blog

Here Are 7 Brilliant Cheat Sheets For Linux/Unix

There's nothing better than a cheatsheet when you are stuck and need a reference. So here bringing to you 7 brilliant free cheat sheets.  1. Unix Tool Box : An incredibly exhaustive reference for all things Linux. This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users. 2. One page Linux Manual : Great one page reference to the most popular Linux commands, it is a summary of useful Linux commands. 3. Linux Reference Card : One great reference published by FOSSwire. 4. Linux Command Line Cheat Sheet : This is an interestingly sorted and helpful cheat sheet by cheatography. 5. Linux Command Line Tips : This is a linux command line reference for common operations. Cleanly sorted and well described. 6. Treebeard’s Unix Cheat Sheet : A great reference that shows command comparisons with that of DOS. So if you are someone who was a DOS user and has switched to Linux, this is the best one too have! 7. Linux Shor

Extracting Administrator Passwords Using LCP

Extracting Administrator Passwords Using LCP Link Control Protocol (LCP) is part of the Point-to-Point (PPP) protocol In PPP communications, both the sending and receiving devices send out LCP packets to determine specific information required for data transmission. ■ Use an LCP tool ■ Crack administrator passwords Tools Needed ■ A computer running Windows Server 2012 ■ A web browser with an Internet connection ■ Administrative privileges to run tools                ■ You can also download the latest version of LCP from the link         http: / www.lcpsoft.com/engl1sh/1ndex.htm ■ If you decide to download the latest version, then screenshots shown     might differ ■ Follow the wizard driven installation instructions ■ Run this tool in Windows Server 2012 ■ Administrative privileges to run tools ■ TCP/IP settings correctly configured and an accessible DNS server Overview of LCP LCP program mainly audits user account passwords and

Ten Important Rules Of Ethical Hacking

The world of ethical hacking too is bound by a set of rules and principles, here are 10 crucial ones!   Time and again we have been bringing you valuable resources on ethical hacking since we know and understand the nature of things as far as security goes. Ethical hacking is picking up steam each day with more and more organisations spending heftily to maintain the sanctity of their systems and data. As such, ethical hacking is a glorious career option in the current scheme of things. 1.Set your goals straight To begin with, an ethical hacker must start thinking like the intruder. He must be able to identify the loopholes on the target access points or networks that are prone to attack, he must be aware of the repercussions of these loopholes and how the intruder can use it against the same. An ethical hacker then has to find out if anyone at the target notice the intruder's attempts to carry out his/her acts. Finding out and eliminating unauthorised wireless access point