Hacked Pokémon GO version with DroidJack malware spotted, here's how to check if your APK is legit

If you are wondering what the Pokemon Go craze is all about, but are georestricted and want to sideload the game on your handset, be warned that a couple of third-party sites that are carrying it, have packaged the viral hit with a potent malware companion, dubbed DroidJack or SandroRAT that can give control over your phone to unknown parties.

About three days after the game had been officially released in New Zealand and Australia, the modified files of the original Pokemon Go APK were uploaded to a malicious file hosting service, and some are referencing them into tutorials how to sideload the game in order to evade the georestrictions that have been imposed by the makers. Our own Pokemon Go installation manual includes a clean and vetted link, so head over there if you want to be sure there's no Jack in your Go.

If you want to check whether you have installed the clean APK, or the modified Pokemon Go version with the DroidJack malware, there are a few things you can do:

1. Check the hash of the downloaded APK. If the SHA256 hash reads as this, you have the hacked version:


2. Compare the permissions screens that pop up before you start the installation by going to Settings > Apps > Pokemon Go > Permissions

source: Proofpoint



1. The-Invisible-Man

Posts: 13; Member since: Jul 07, 2016

first again and like pokeman would be on a list of stupid

4. xperian

Posts: 418; Member since: Apr 10, 2014

You are on the list of stupid

2. Unordinary unregistered

Lmao. When will it end

3. NoToFanboys

Posts: 3231; Member since: Oct 03, 2015

It will not end, that's what you get for being open and have a lot of market share.

5. Unordinary unregistered

A for effort babe :)

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.