Overclock.net › Forums › Industry News › Video Game News › [ars] fake-pokemon-go-app-on-google-play-infects-phones-with-screenlocker
New Posts  All Forums:Forum Nav:

[ars] fake-pokemon-go-app-on-google-play-infects-phones-with-screenlocker

post #1 of 3
Thread Starter 
here comes ransom
Quote:
http://arstechnica.com/security/2016/07/fake-pokemon-go-app-on-google-play-infects-phones-with-screenlocker/

Researchers from antivirus provider Eset report finding at least three such apps in the Google-hosted marketplace. Of the three, the one titled "Pokemon Go Ultimate" posed the biggest threat because it deliberately locks the screen of devices immediately after being installed. In many cases, restarting an infected phone isn't enough to unlock the screen. Infected phones can ultimately be unlocked either by removing the battery or by using the Android Device Manager.

Once the screen has been unlocked and the device has restarted, the app—which by now has the title PI Network—is removed from the device's app menu. Still, it continues to run in the background and surreptitiously clicks on ads in an attempt to generate revenue for its creators.

"This is the first observation of lockscreen functionality being successfully used in a fake app that has landed on Google Play," Eset malware researcher Lukas Stefanko wrote in Friday's post. "It is important to note that from there it takes just one small step to add a ransom message and create the first lockscreen ransomware on Google Play."

Eset discovered two other fake Pokémon Go apps inhabiting Google Play, one named "Guide & Cheats for Pokemon Go" and the other "Install Pokemongo." Both deliver ads carrying fraudulent, scary-sounding messages that are designed to trick users into buying expensive, unnecessary services. One such message claims the device is infected with malware and prompts the user to spend money to get the malicious apps removed.

"Every time the user presses the 'Back' button, new scareware pop-ups and advertisements appear," Stefanko wrote. "The only way to get rid of them is double-clicking on the 'Back' button."
post #2 of 3
Tons of malware seems to appear everyday on smartphone, especially with "free" games and apps. Yet Steam still bother me with their Steam authenticatior for selling 5c cards. rolleyes.gif
Love This Beast
(14 items)
 
PS4
(14 items)
 
HTPC
(13 items)
 
CPUMotherboardGraphicsRAM
Core i7 920 D0 3.8Ghz Gigabyte EX58-UD4P Asus 1060 6GB OC 2138core/8606memory 12Gb Fury HyperX 1447mhz 1.64v 9-9-9 28 2T 
Hard DriveOptical DriveCoolingOS
WD Black 640Gb + Seagate 500Gb + Hitachi 2.5" 5... LG DVD-RW SATA Noctua NH-D14 Windows 10 Home  
MonitorPowerCaseMouse
Asus VW266H 25.5" 1200p Corsair 750W CoolerMaster Cm690 II Advanced (Version 2) Logitech MX518 
CPUMotherboardGraphicsRAM
8 Jaguar Core 1.6Ghz CUH-10XXA AMD 7870 (2 CU's disabled) 800Mhz  8Gigs GDDR5 2.75Ghz 
Hard DriveOptical DriveCoolingOS
Toshiba 500Gigs  Blu-ray 6x 85mm Fan. Sony PS4 OS 
MonitorKeyboardPowerAudio
Sony 40R350 B Sony DualShock 4 250W Polk Audio Rti A3's 
AudioAudio
Polk Audio PSW125 Yamaha Rv-371 
CPUMotherboardGraphicsRAM
Q6600 2.4Ghz Dell 0RF703 Zotac GT640 4G DDR2 
Hard DriveCoolingOSMonitor
320Gb Western Digital Caviar Green + 160Gb Hita... Dell Performance Edition Heatsink J9761 W10 64Bits Pro Sony 40R350 B 
KeyboardPowerCaseMouse
Lenovo Keyboard 460w oem Dell Optiplex 745 Logitech  
  hide details  
Reply
Love This Beast
(14 items)
 
PS4
(14 items)
 
HTPC
(13 items)
 
CPUMotherboardGraphicsRAM
Core i7 920 D0 3.8Ghz Gigabyte EX58-UD4P Asus 1060 6GB OC 2138core/8606memory 12Gb Fury HyperX 1447mhz 1.64v 9-9-9 28 2T 
Hard DriveOptical DriveCoolingOS
WD Black 640Gb + Seagate 500Gb + Hitachi 2.5" 5... LG DVD-RW SATA Noctua NH-D14 Windows 10 Home  
MonitorPowerCaseMouse
Asus VW266H 25.5" 1200p Corsair 750W CoolerMaster Cm690 II Advanced (Version 2) Logitech MX518 
CPUMotherboardGraphicsRAM
8 Jaguar Core 1.6Ghz CUH-10XXA AMD 7870 (2 CU's disabled) 800Mhz  8Gigs GDDR5 2.75Ghz 
Hard DriveOptical DriveCoolingOS
Toshiba 500Gigs  Blu-ray 6x 85mm Fan. Sony PS4 OS 
MonitorKeyboardPowerAudio
Sony 40R350 B Sony DualShock 4 250W Polk Audio Rti A3's 
AudioAudio
Polk Audio PSW125 Yamaha Rv-371 
CPUMotherboardGraphicsRAM
Q6600 2.4Ghz Dell 0RF703 Zotac GT640 4G DDR2 
Hard DriveCoolingOSMonitor
320Gb Western Digital Caviar Green + 160Gb Hita... Dell Performance Edition Heatsink J9761 W10 64Bits Pro Sony 40R350 B 
KeyboardPowerCaseMouse
Lenovo Keyboard 460w oem Dell Optiplex 745 Logitech  
  hide details  
Reply
post #3 of 3
I foresee hordes of cautionary Facebook posts from parents of children wanting to play and just people in general.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Video Game News
Overclock.net › Forums › Industry News › Video Game News › [ars] fake-pokemon-go-app-on-google-play-infects-phones-with-screenlocker