Pokemon GO guide app for Android found to contain malware
Security experts from Kaspersky Labs warn that an Android app called 'Guide For Pokémon Go New' contains a trojan. Alas, the app had already managed to amass over 500,000 downloads, riding on Pokémon GO's popularity, before Google took them down.
The trojan works by showings many ads, rooting devices, and installing malicious files and apps behind the scenes. It connects to a command-and-control server run by cyber criminals and sends information about the infected device, such as model, OS version, country, display language, and other data.
If the device profile matches certain criteria, the trojan proceeds with downloading more malicious files with obfuscated code and tries to exploit a number of vulnerabilities found between 2012 and 2015. While it only serves to show a barrage of ads, the trojan could potentially be used to deploy other malicious apps with more drastic infections.
The malicious app has been removed from Google Play. If you have downloaded it, you are advised to uninstall it immediately and use a free anti-virus scanner, such as the one provided by Kaspersky Labs, to scan for the trojan's presence. Kaspersky Labs detects it as "HEUR:Trojan.AndroidOS.Ztorg.ad".
source: Kaspersky Labs