Not offcially launched in Vietnam as well as many other countries, the wildly popular new game Pokémon GO can still be downloaded from unofficial sources on the Internet, from which fake apps appear and some cases have put user’s smartphone at risk. Taking a deep look into several of such apps, Bkav identified the malware capable of taking full control of Android devices.
Malware found in fake Pokémon GO apps is DroidJack (a Remote Access Tool malware), one of the most powerful and dangerous trojans on Android. This trojan owns many malicious features such as automatically installing any apps on victim smartphones as required by hackers, turning on camera, microphone to record video, mic, and all conversations and messages of device owners, etc, simultaneously sending stolen information to hackers. Analysing how the malware is inserted in the app, Bkav detected the C&C server of hackers was located in Turkey.
Expert Ta Duc Thien from Bkav shared the method to insert malware into fake apps as follows: “The crooks only need to download APK file of Pokémon GO app from the manufacturer, and insert malware into source code file of the software. This is quite simple by using tools popularly available online. Software injected with malware then is launched on the Internet under a name identical to “genuine” software, and can operate normally after being downloaded to smartphones. Therefore, users are unaware of being victims; even when their smartphones are controlled remotely”.
Bkav recommends users should not download and use fake Pokémon GO apps from unknown sources, only select from official app store when the manufacturer launches officially in Vietnam. Bkav has updated the sample of malware in fake Pokémon GO on Bkav Mobile Security; users can download to check their smartphones here.
- Viet Nam cyber security overview in 2017 and predictions for 2018
- New variant of Mirai malware targeting IoT devices in Vietnam
- More than 5,000 Linux system in Vietnam affected by serious flaw Dirty COW
- Malware attacking Vietnam Airlines appears in many other agencies
- Warning on malware hijacking smartphones in fake Pokémon GO
- Luật ATTT mạng số 86/2015/QH13 ra đời năm 2015
- Nghị định 85/2016/NĐ-CP
- Chỉ thị 14/CT-TTg năm 2018
- CT 14/2019, BTTT-CATTT
- Công văn số 2973/BTTTT-CATTT năm 2019 Hướng dẫn triển khai hoạt động giám sát an toàn thông tin trong cơ quan, tổ chức nhà nước hướng dẫn CQNN
- Công văn số 235/CATTT-ATHTTT năm 2020 hướng dẫn mô hình bảo đảm an toàn thông tin cấp Bộ, Tỉnh.