Kaspersky Labs finds Pokemon Go malware that has been downloaded over 500,000 times

Kaspersky Labs has spotted a malicious Android app that masquerades as a Pokémon Go Guide. The app has so far been downloaded more than 500,000 times and Kaspersky estimates that at least 6,000 devices are completely compromised. **Pokémon Go** is a global phenomenon and it’s to be expected that cybercriminals would target it. Kaspersky reports that this Trojan got past anti-virus software by masquerading as a normal app, which is why it’s called a Trojan in the first place. The app apparently hid itself from antivirus programs by zipping files and obfuscating code. The code that was visible was perfectly benign. Once installed, the app would wait for a while to ensure that it wasn’t running on a virtual machine (used by security experts to test products) and trigger a message to a separate server once it was sure. The criminals could then get root access to the affected users system and do what they like with it. This app’s malicious activities were restricted to throwing up ads, but reportedly, it could get full access to the system. The app is capable of taking over a system, encrypting all user data and installing any app it pleases. Google removed the copy within days of Kaspersky removing it, but with over 500,000 downloads, affected users are still out there. Kaspersky reports that the Trojan relied on vulnerabilities that were discovered between 2012 and 2015. This app was well-rated on the Play Store, most likely because users weren’t even aware of its malicious intent. While you have to be wary of the apps you’re installing, it’s even more important that you keep your phone up-to-date and install all security patches as and when they’re made available.