Subscribe
  • Home
  • /
  • Security
  • /
  • Over keen would-be Pokémon trainers take heed

Over keen would-be Pokémon trainers take heed


Johannesburg, 27 Jul 2016

South Africans who don't want to wait any longer to download Pokémon Go from their official app store may be searching for ways to get the game onto their devices. Many may have succeeded via third party sites. But, Securicom, a managed IT security services vendor, warns against it.

"Pokémon Go has been released in a few territories around the world, not including South Africa, yet. But there are ways to get the game onto devices and there are some big, trusted news and technology sites which are telling people how to do it. In all cases, getting Pokémon Go onto your device, as a South African, requires using un-trusted sites.

"Most of these sites will need you to allow your device to accept installations from 'untrusted sources'. The mere reference to 'untrusted' should serve as a warning but when you want something on your device it's probably not enough to deter you. People make use of sites like these if a certain application they are looking for is not available in their region," says Securicom's Michael Morton.

Since the release of Pokémon GO, traffic on APK Mirror, a site where APK (Android Application Package) can be downloaded, has increased by 597%, from just over 600 000 visits on 5 July to over 4 million visits on 6 July (https://www.similarweb.com/blog/Pokémon -go).

But, Morton stresses that there are reasons for official app stores. Importantly, these stores review and check all apps to ensure that they are not harmful before they get loaded there. The Google Play Store for instance helps protect devices by blocking potentially harmful apps. https://support.google.com/accounts/answer/2812853?hl=en)

"Trusted app stores ensure measures are put in place to protect your device from malicious applications. When downloading from untrusted sources, and enabling your device to allow this, you are potentially opening up your device to all kinds of threats in the cyber world. For example, an infected Android version of the newly released mobile game Pokémon GO has been discovered is a malicious file repository service.

"A version of the APK was modified to include the malicious remote access tool (RAT) called DroidJack which allows hackers to take control of a mobile device without the user even noticing it. With this tool they can open and install applications, install key loggers, read private messages and e-mails, and with the help of Google public API, see exactly where the individual is located. Clearly this is not something that you want living on your phone.

"Now, before you go ahead and hang up your Pokemon trainer cap, this APK has not yet been seen in the wild yet. However, it does provide evidence of a working prototype, providing hackers an easy entry to users' mobile devices if the required security measures are by-bassed," warns Morton.

He offers a few tips for users help make their mobile experiences more secure:

* Make sure your OS is up to date with the latest version or patch release.

Google and Apple release new versions of their OS to address current vulnerabilities that exist.
Download your applications from reputable sites that your OS provider recommends
Downloading untrusted applications or applications from a third party store might introduce malicious code on your device that compromises your device security.

* Install a mobile security application

There are many forms of free Anti-virus applications on the App store. These applications will scan your device and applications and report on any malicious or suspect behaviour.

* Use a personal Firewall

This will be the same as a Firewall sitting at your office. Can use the Firewall to disable all ports on your device, only opening the ones you know are being used.

* Ensure you have the latest version of an application on your device

With each new version of an application certain features, both security and interface, are addressed and updated.

Share

Securicom

Securicom is a leading managed IT services vendor in Africa, with global presence. It is one of a handful of local vendors to offer an end-to-end range of fully managed IT security services for the cloud, from the cloud. Its consumption-based services are available through a select partner network in Africa.

Securicom's holistic suite of solutions provides comprehensive weaponry and proactive defence against the host of threats that afflict businesses today from endpoint protection, managed firewalls, and advanced Fortigate reporting, to WAN and LAN optimisation; e-mail content management, and mobile device management.

Solutions are packaged to harness the capabilities of best-of-breed technologies including Symantec Brightmail, Riverbed, Fortinet, logMojo, and XenMobile. Solutions are hosted upstream at Securicom's highly-secure, local data centres.

Securicom has offices in Johannesburg, Cape Town and Namibia; and offers its services in 10 other African countries.

For more information on Securicom, please visit www.securicom.co.za

Editorial contacts