More than half a million people were tricked into downloading a Pokemon Go guide for Android users. The guide in turn installs malware that potentially allows access to the compromised device.
The popular game has become a huge success worldwide, has augmented the mobile gaming experience, and is available all over the world. The malware-tainted guide app lured in some Pokemon trainers, which led to their phones being infected.
Kaspersky Lab put the spotlight on the issue. Approximately 6,000 or more phones were compromised by the fairly sophisticated code.
This is basically a Trojan horse type of app. It is sneaky in that it waits patiently: the trigger is the user installing or uninstalling an app. But here is the twist: it checks whether it is running on a real machine or in a virtual machine.
Once it determines that it is running on a real mobile phone, the Trojan waits a little longer, roughly a few hours. Then it contacts its control server before proceeding. Once it has established a verified two-way link, it receives instructions on which actions to carry out.
This method is pretty smart because it creates a secondary layer of protection for the malware. In what way, you ask? It will not run in sandboxes and virtual machines, and the control server can easily start or stop the commands to avoid detection and to skip users the operators do not wish to target.
This is how Black Hats do their thing nowadays. They spread their nasties in every way they can and wait to bag a large catch they can make money from or take control of. Control is the new superpower.