The world around me has become a frenzy of augmented reality Pokémon trainers, with millions of people trying to «catch them all» in their local environment. The long-awaited addition to the Pokémon series brought budding trainers off their sofas and onto the streets, tugging hard on the nostalgic heartstrings of adults who thought their Pokémon-catching addiction was long dead.
Niantic, the developers of Pokémon Go and its portal-capturing, alien-battling forerunner, Ingress, are enjoying the currently unparalleled success of their augmented reality game. Ingress, while relatively popular, never achieved the global success of Pokémon Go. It’s almost like brand recognition is really helpful!
Success is not without sorrow, however. Niantic seems to have neglected to learn from the tumultuous early days of Ingress. Their success seems to have come as a surprise, and despite adding roughly $9 billion to Nintendo’s market cap, big questions remain.
Questions range from «how to lure Charizard into your living room» and «why is there only Doduo in my city?» to more serious issues, such as widespread reports of Android malware spreading through repackaged Pokémon Go APKs, as well as reports of people being robbed of their extremely expensive smartphones after straying too far from their regular places.
Let’s take a look.
Malicious Pokémon Go APK
Pokémon brings back some damn strong memories for me. For many years I played Red and Blue obsessively, watched many of the television series, and proudly hung on my wall the coolest poster of the first 150 Pokémon. But this is different.
Many people with similar Pokémon backgrounds, who long ago gave up on their more illustrious gaming desires, have found the release too strong to resist. However, Niantic region-locked Pokémon Go, meaning those outside the US, Australia, or New Zealand were supposed to be unable to play until the official versions hit their device app stores.
Of course, that was unlikely to work, and it didn’t. While the app didn’t show up on the Google Play Store or the UK App Store, users quickly realized that the lock was easy to get around. Numerous Pokémon Go APKs (Android application packages) have been uploaded to a huge number of APK repositories, so many that Googling «APK» only returns links for Pokémon Go.
Unfortunately, hackers saw this as a great opportunity to upload APKs containing some serious malware, aimed at those users who simply couldn’t wait for the official release date for their region.
Once the APK has been downloaded to an unsuspecting user’s device and unpacked, the malicious code runs immediately, and you find something completely different.
You caught a rat!
And not a Rattata. No, it’s a Remote Access Tool (RAT) named DroidJack, discovered by researchers at Proofpoint. Also known as SandroRAT, this Android malware has previously been described by Symantec and Kaspersky, and gives the attacker remote access to the entire Android device on which the malicious APK is installed. Proofpoint has offered two methods to check if your Android device has been infected:
- Check the SHA256 hash of the downloaded APK. The hash of the legitimate Pokémon Go APK should be 8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67. The hash of the malicious APK detected by Proofpoint is 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4.
- On your Android device, go to «Settings > Apps > Pokémon Go» and then go to «Permissions». The images below are the permissions required by the legitimate Pokémon Go APK and the additional permissions granted to the malicious APK.
These are the legitimate Pokémon Go permissions:
And this is the first page of the malicious Pokémon Go permissions:
If you have been infected, uninstall the app immediately and remove the malicious APK. Go to the Google Play Store, download Avast Mobile Security and scan your device. Then go back to the Play Store and download Malwarebytes Anti-Malware, scanning your device again.
Remove any malicious content found in any scan.
If you’re diligent about backing up your Android device, you might have an entire system image to restore. If so, this is another great way to kill malware.
Checking your SHA256 hash
For Windows users, there is an easy option that does not require any download or any installation.
Open an elevated command prompt. Use the following command to create a hash:
certUtil -hashfile insertfilepathhere [hash algorithm]
You can choose from the hash algorithms MD2, MD4, MD5, SHA1, SHA256, SHA384 or SHA512. In this case, use the SHA256 option.
Once generated, check the hash of the APK against the hash provided by Proofpoint.
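An added example, not part of the original article or Proofpoint's report: Python that pulls the digest out of certutil's output, including the space-separated form some Windows versions print, and compares it with the two hashes quoted above. The sample output and the file name pokemongo.apk are constructed.

```python
import hashlib
import re

# The two SHA256 hashes quoted in the article (attributed there to Proofpoint).
KNOWN_GOOD = "8bf2b0865bef06906cd854492dece202482c04ce9c5e881e02d2b6235661ab67"
KNOWN_BAD = "15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4"
HEX64 = re.compile(r"[0-9a-f]{64}")


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a large APK is never read into memory whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def digest_from_certutil(output):
    """Extract the digest from the text printed by certutil -hashfile.

    Some Windows versions print it as space-separated byte pairs, so spaces
    are stripped before the line is tested.
    """
    for line in output.splitlines():
        candidate = line.strip().replace(" ", "").lower()
        if HEX64.fullmatch(candidate):
            return candidate
    raise ValueError("no SHA256 digest found in certutil output")


def classify(digest):
    """Return 'legitimate', 'malicious' or 'unknown' for a SHA256 hex digest."""
    digest = digest.strip().lower()
    if not HEX64.fullmatch(digest):
        raise ValueError("not a SHA256 hex digest")
    if digest == KNOWN_GOOD:
        return "legitimate"
    if digest == KNOWN_BAD:
        return "malicious"
    # Matching neither hash proves nothing either way: treat the file as untrusted.
    return "unknown"


# Constructed sample of certutil output in the spaced style (file name is made up).
SPACED = " ".join(KNOWN_BAD[i:i + 2] for i in range(0, 64, 2)).upper()
SAMPLE_OUTPUT = ("SHA256 hash of file pokemongo.apk:\n" + SPACED +
                 "\nCertUtil: -hashfile command completed successfully.\n")

if __name__ == "__main__":
    print(classify(digest_from_certutil(SAMPLE_OUTPUT)))  # malicious
```

To check a real download without certutil, pass its path to sha256_file and hand the result to classify.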
Other Issues: iOS Permissions
The other issues are mixed in variety, but all are interesting. Perhaps the biggest concerns the permissions of the Pokémon Go app, which as it turns out are a cause of anxiety (but wrongly so, please read the next section before you panic!) on iOS devices. While most applications require certain levels of permissions, the permissions requested by Pokémon Go seem to have stepped over the privacy frontier by asking for (and getting!) full access to the user’s Google account. This means that instead of the usual simple request for a name, email address, and in some cases, a location, Pokémon Go and Niantic can access Google Drive, personal Gmail accounts, phone content, and more, as well as send emails as the affected user.
Niantic made a statement to Gizmodo, stating:
«Recently, we discovered that the Pokémon Go account creation process on iOS is erroneously requesting full control permission for the user’s Google account. However, Pokémon GO only accesses basic Google profile information (in particular, your user ID and email address), and no other Google account information is or has been obtained or collected.
As soon as we became aware of this bug, we started working on a client-side fix to only request permission for basic Google profile information, according to the data we actually have access to. Google has confirmed that Pokémon GO or Niantic has not received or accessed any other information.
Google will soon reduce Pokémon Go’s permission to only the basic profile data that Pokémon GO needs, and users don’t need to take any action.»
It’s one of those double-edged moments, hopeful but also «how did this happen?», but at least it will be fixed after the rush. Now read the next small section and feel happier.
Google tech support says…
Dan Guido, CEO of Trail of Bits, disputed the claim. Even though Niantic released their press statement announcing their investigation and apparent client-side fix, Guido believes «the giant section of the blog post may be wrong».
An engineer at Slack checked the OAuth token provided by the service and found that it does not provide any additional data or access to private services associated with the user’s Google account.
Other Issues: Law Enforcement
Law enforcement officials were called in for a number of incidents, all of which were directly related to Pokémon Go. Most incidents report a Pokémon Trainer wandering to a secluded area to capture a Pokémon, only to be ambushed by thieves who make off with a smartphone.
Some reports say that thieves are actually using the Pokémon Go app itself to find Pokémon when they appear on the local map, head to that location, and lie in wait. Others claim people have wandered into areas they would normally avoid in hopes of catching particularly rare Pokémon, or simply monsters they don’t normally encounter.
These extremely unpleasant experiences were rare during the time I played Ingress, although a strange story came up from time to time. However, it was usually a factional scare rather than outsiders robbing players or even outsiders using an app to track and monitor where people would stand with their shiny shiny smartphones. However, a guy was waiting for me next to my car one night after I destroyed his home portals, but that’s another story.
A word of advice: please be reasonable. These are fictional Pokémon you can live without. You can’t live without your life, and I’ve heard that violent robbery can shorten your lifespan considerably. Don’t joke around, don’t roam the roads with your Pokémon Go scanner without paying attention to the world around you, and don’t go hunting where you wouldn’t normally think of going. Pokémon cannot protect you in the real world.
Nice law enforcement
On the other hand, there have been some funny reports of cops stopping roaming players and then joining them on the hunt when they realize what’s going on. Remember that augmented reality games are still incredibly new for many, our law enforcement officers included. If you’re walking around a cemetery that is usually frequented by heroin dealers, expect to be questioned. Just be polite and explain what you are doing.