Sophisticated Trojan picked out its favored victims
It is on Google Play store and it`s titled “Guide for Pokémon Go”.
In excess of half a million people have downloaded a Pokemon Go guide for Android that installed malware that could allow access to the phone.
Now that Niantic’s smash hit augmented reality mobile game is available worldwide, those seeking to do harm have turned to guide apps in order to lure unsuspecting Pokemon trainers into infecting their own phones.
Anti-virus giant Kaspersky Labs highlighted the issue, and explained that the Trojan disguised in the app was a fairly sophisticated bit of software that had infected at least 6,000 phones.
“It doesn’t start as soon as the victim launches the app. Instead, it waits for the user to install or uninstall another app, and then checks to see whether that app runs on a real device or on a virtual machine,” explained Kaspersky
Trojan phone home
After finding out you are indeed using a phone the Trojan will actually wait a couple of hours before communicating with its ‘home’ server and then only proceed after getting a call to action back.
“This approach means that the control server can stop the attack from proceeding if it wants to – skipping those users it does not wish to target, or those which it suspects are a sandbox/virtual machine, for example. This provides an additional layer of protection for the malware.”
In the world of Black Hats it seems you don’t have to catch them all, but by spreading the net wide you can bag yourself a scarily large selection of nasties.