Capitec has introduced Apple Pay digital payment wallet to its clients. Sending notifications on the announcement Capitec has notified clients of the new added…
According to Proofpoint, a security research firm, an infected APK installation file of the game has been making the rounds on the internet, enticing those in countries that haven’t yet seen the game’s official launch.
“This specific APK was modified to include the malicious remote access tool (RAT) called DroidJack (also known as SandroRAT), which would virtually give an attacker full control over a victim’s phone,” the company explains.
“Should an individual download an APK from a third party that has been infected with a backdoor, such as the one we discovered, their device would then be compromised.”
While Proofpoint does suggest this dirty APK file hasn’t been circulating “in the wild”, it was uploaded to a malicious file repository site about three days after the game launched Down Under.
Proofpoint suggests that users test the SHA256 hash (effectively a file ID number) and take a look at the app’s Android permissions to determine if the APK they’ve used is indeed safe.
The SHA256 hash of the safe file should read 8BF2B0865BEF06906CD854492DECE202482C04CE9C5E881E02D2B6235661AB67, and not 15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4 — the hash of the modified file.
Dodgy permissions to look out for include “read your Web bookmarks and history,” “retrieve running apps” and “run at startup”. These can be located in the app’s info section in your device’s Settings.
Feature image: John Valentine II via Flickr